CrownVanirty is a piece of rogue software that our researchers discovered during a routine inspection of new submissions to VirusTotal. We determined that this application operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware is designed to
During the examination of the finchi[.]click page, we found that it runs the "McAfee - Your PC is infected with 5 viruses!" scam and wants to show deceptive notifications. The purpose of this site is to trick visitors into purchasing an antivirus subscription. This page should be ignored. None of
Defense-software[.]com is a rogue webpage our researchers discovered while inspecting new submissions to VirusTotal. It promotes online scams, pushes browser notification spam, and redirects visitors to other (likely dubious/malicious) sites. Users typically enter defense-software[.]com and simil
We examined this email and learned that it is composed by scammers who aim to trick recipients into providing sensitive information. This email is disguised as a letter from an email service provider regarding pending emails. This and similar emails should be ignored. The email claims that
While inspecting suspicious websites, our research team discovered the Smartbase rogue browser extension. After we inspected this piece of software, we determined that it operates as a browser hijacker. Smartbase modifies browser settings in order to promote the legitimate Bing search engine (bing
While testing the AdminPerformance application, we found that its purpose is to bombard users with intrusive advertisements. Therefore, we classified AdminPerformance as adware. Our team discovered this advertising-supported app after using a fake installer downloaded from an untrustworthy websi
Our researchers found the Trg ransomware-type program while checking out new submissions to VirusTotal. This program encrypts data and demands payment for the decryption; it also belongs to the Xorist ransomware family. After we launched a sample of Trg on our test machine, it encrypted files and
We investigated the stayundercontrol[.]online website and found two things: this page runs the "McAfee - Your PC might be infected with 5 viruses!" scam and wants to show notifications. Our team discovered stayundercontrol[.]online while inspecting websites that use rogue advertising networks. Pag
While investigating this email, we found that it is a scam email disguised as a letter from an email service provider. Scammers send this email to lure recipients into clicking a link and providing a password on the opened phishing website. This email should be ignored. The email claims th
Our researchers discovered the roclin[.]click rogue website during a routine inspection of questionable sites. Roclin[.]click promotes scams, pushes browser notification spam, and redirects visitors to different (likely unreliable/malicious) webpages. Most users access such sites via redirects ca