Our team examined the Secure Search Pro browser extension and learned that it is a browser hijacker. This app changes the settings of a web browser to promote securesearch.pro - a fake search engine. We discovered Secure Search Pro while inspecting shady web pages. Most browser hijackers are promo
While examining dolty[.]click, we learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam to trick visitors into purchasing an antivirus software subscription. Also, it wants to deliver notifications. Usually, pages like dolty[.]click are promoted using shady methods. We disc
Our research team found the Lumino_Ransom ransomware while inspecting new malware submissions to VirusTotal. After we executed a sample of this ransomware on our test system, it encrypted files and appended their filenames with a ".lumino_locked" extension. To elaborate, a file initially titled "1
Eu is the name of ransomware that our team discovered while examining malware samples submitted to the VirusTotal page. Ransomware is a form of malware that encrypts files. Typically, it renames files and provides a ransom note as well. Eu appends ".eu" extension to filenames, changes the desktop
Our team analyzed the morcun[.]click and found that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. We discovered this page while inspecting other pages that use rogue advertising networks. We also found that morcun[.]click wants to show notifications. This page cannot be trusted.
Multiple Account is the name of a rogue browser extension promoted as a tool that can save and import Internet cookies from other accounts. After analyzing this piece of software, we determined that it operates as adware. Adware stands for advertising-supported software. It is designed to
Rs-jon is ransomware that makes files inaccessible by encrypting them. Also, it appends the ".rjson" extension to the filenames of the encrypted files, changes the desktop wallpaper, and drops the "READ_ME_PLZ.txt" file containing a short ransom note. Our malware researchers discovered Rs-jon whil
Our researchers discovered yourhypejournal[.]com rogue webpage during a routine inspection of untrustworthy sites. This page is designed to trick visitors into allowing it to deliver browser notification spam. Most users enter webpages like yourhypejournal[.]com through redirects caused by website
Our researchers discovered the TabsMode browser extension while investigating untrustworthy websites. After analyzing this rogue extension, we determined that it operates as a browser hijacker. TabsMode makes changes to browser settings in order to cause redirects to the tabsmode.xyz fake search e
After testing the quick do app, we found that it is a browser extension that changes the settings of a web browser to promote a fake search engine (quicknewtab.com). Moreover, this app does not allow users to undo its changes while it is added to a browser. Apps designed to promote fake search eng