While inspecting essential-scan[.]com, we learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam and wants to show notifications. It displays deceptive content (uses deceptive marketing) to trick visitors into purchasing legitimate antivirus software. Typically, users open su
Cartech[.]cfd is the address of a rogue webpage that our research team discovered while inspecting dubious sites. This page attempts to deceive visitors into allowing it to display browser notification spam. Furthermore, this website can redirect visitors to different (likely untrustworthy/malicio
Fun4me[.]click is a rogue webpage promoting browser notification spam. Our researchers discovered this site during a routine inspection of untrustworthy websites. Visitors to fun4me[.]click and sites akin to it - typically access them via redirects caused by webpages that use rogue advertising ne
While investigating untrustworthy websites, our research team discovered the xxx-offers[.]com rogue page. It is designed to push spam browser notifications and redirect visitors to other (likely dubious or malicious) webpages. Most commonly, sites like xxx-offers[.]com are accessed through redire
Parental Control: BlackList is a rogue browser extension that our researchers discovered while investigating suspicious sites that promote software. This extension is presented as a parental tool capable of blocking websites based on a created list. However, our analysis revealed the behavior of
Ad-free | best ad blocker is the name of a browser extension that supposedly blocks online advertisements. Ironically, this app generates advertisements. Thus, we classified Ad-free | best ad blocker as adware. Our team discovered this app on a deceptive page that recommended adding it to a browse
HyperBro is the name of a Remote Access Trojan (RAT). This type of malware is designed to allow remote access/control over infected machines. RATs are typically highly functional pieces of malicious software capable of causing all sorts of severe issues. It is noteworthy that HyperBro has been us
CovalentStealer is an info-stealing malware that identifies file shares on a system, categorizes the files, and then exfiltrates (uploads) them to a remote server controlled by threat actors. CovalentStealer stores gathered files on OneDrive. It is known that it was used as a payload when targetin
"Your Device Apple iPhone Has Been Hacked" is a scam that our researchers discovered while inspecting dubious websites. As the name implies, it claims that the visitor's iPhone has been infected and hacked. It must be emphasized that no site can detect such (or other) issues on users' devices -
Cool baro is a browser extension designed to promote barosearch.com by hijacking a web browser. Barosearch.com is a fake search engine that does not generate its own results. Typically, users download and add browser hijackers to browsers (or install them on computers) inadvertently. Cool