During a routine inspection of suspicious software-promoting websites, our researchers discovered the CustomSearch application. Our analysis revealed that this app operates as a browser hijacker. It promotes fake search engines (e.g., nseext.info, customsear.ch, etc.) by causing redirects to them
A.E.S.R.T is ransomware that encrypts files, appends the ".AESRT" extension to filenames, and displays a ransom note. Our malware researchers discovered A.E.S.R.T while inspecting samples submitted to the VirusTotal website. An example of how A.E.S.R.T renames files: it changes "1.jpg" to "1.jpg.A
AxBanker is an Android-specific banking malware. As its classification implies, this malicious software seeks to obtain banking information. AxBanker has been used in large smishing (SMS phishing) campaigns targeting Indian users. These operations were centered on some of the best-known banks in t
While examining ConnectedProtocol, we found that this application displays intrusive advertisements. Software that shows ads is called adware. We discovered ConnectedProtocol on a deceptive website suggesting that certain installed software is outdated. It is uncommon for adware to be installed
MNX is one of the ransomware variants belonging to the Phobos family. We discovered MNX while checking the VirusTotal website for recently submitted malware samples. MNX encrypts files, modifies filenames, and generates two ransom notes ("info.txt" and "info.hta"). MNX appends the victim's ID, de
Our researchers found the onesoftwareupdater[.]com rogue webpage while looking through untrustworthy sites. This page promotes browser notification spam and can redirect visitors to other (likely dubious/malicious) websites. At the time of research, onesoftwareupdater[.]com used fake CAPTCHA verif
We tested the Omni Convert - Search Settings for Omnibar browser extension and found that it promotes a fake search engine. This app promotes app.clipconverter.site. It does that by hijacking a web browser (by changing its settings). We discovered Omni Convert - Search Settings for Omnibar on a de
While inspecting dubious websites, our research team discovered Canvas Tab's "official" promotional page. This software is a browser extension endorsed as a tool capable of allowing users to draw on new browser tabs and save the created artwork. However, our inspection of Canvas Tab revealed that
We have inspected this email and found that it is sent by scammers who aim to lure recipients into providing personal information. Scammers behind this email use a phishing page to extract information. They disguised the email as a letter from an email service provider. This email urges re
Weather-in.xyz is the address (URL) of a fake search engine promoted using Weather In browser hijacker. Typically, websites of this kind are promoted by software classified as browser hijackers. They modify browser settings in order to cause redirects to illegitimate search engines. Additionally,