While inspecting deceptive websites offering to download "useful" applications, we found an application called PropCreative. During the analysis, we found that PropCreative is adware - it displays intrusive advertisements. Additionally, PropCreative can read sensitive information. Advert
While examining websites that use rogue advertising networks, we discovered houbekuwucoo[.]com - a deceptive website designed to trick visitors into agreeing to receive notifications. Additionally, this site can open other pages of this kind. As a rule, pages like houbekuwucoo[.]com get visited un
Tapak[.]xyz is a rogue site that our research team found while inspecting untrustworthy webpages. This website operates by pushing browser notification spam and redirecting visitors to other (likely dubious/malicious) pages. Most enter such sites through redirects caused by webpages that use rogu
During a routine inspection of questionable software-promoting webpages, our researchers discovered the Keep It Dark browser extension. It promises to enable dark mode for browsers. We analyzed this extension and determined that it operates as advertising-supported software (adware) instead.
While inspecting dubious pages, our researchers discovered the shieldforbrowsers[.]com rogue website. It is designed to run scams, promote spam browser notifications, and redirect visits to different (likely untrustworthy and malicious) sites. Users typically access webpages like shieldforbrowser
We have discovered the Dark Display application while examining shady websites and inspecting deceptive advertisements. We learned that Dark Display is supposed to provide a dark mode for web browsers but functions as adware (it shows unwanted advertisements). After testing many advertisin
Our team discovered the Simple Search application while analyzing deceptive web pages. We found that the purpose of Simple Search is to promote search.simple-searchs.com (force users to browse the Internet with a fake search engine). Simple Search promotes this address by hijacking a web browser (
RozbehOfSatan is the name of a ransomware-type program. It is a new variant of the Rozbeh ransomware. After executing a sample of RozbehOfSatan on our test system, it encrypted files and created a ransom note. Typically, ransomware renames the affected files, but that is not to case with RozbehOf
Our team has spotted the TextBoard application while inspecting samples submitted to the VirusTotal website. After examination, we learned that the purpose of TextBoard is to display various advertisements. Thus, we classified this application as adware. Typically, users install software of this
Togo Tab is a rogue browser extension that we found while inspecting dubious download webpages. We determined that this piece of software operates as a browser hijacker. It modifies browsers and promotes the togosearching.com illegitimate search engine. Browser hijackers make specific chan