While inspecting shady websites, we discovered the savingm[.]com page. This rogue webpage promotes deceptive material, pushes browser notification spam, and redirects visitors to other (likely untrustworthy/malicious) sites. Most users enter websites like savingm[.]com through redirects caused by
Protectpc[.]xyz is a shady website running a scam similar to "McAfee - Your PC is infected with 5 viruses!". Also, this page asks for permission to show notifications. Our team has discovered protectpc[.]xyz while inspecting illegal movie streaming pages, torrent sites, and other pages that use ro
Axxes is ransomware (a rebranded version of Midas ransomware) that encrypts files and appends the ".axxes" extension to their filenames. We have discovered this malware while examining samples submitted to VirusTotal page. Axxes creates the "RESTORE_FILES_INFO.hta" file, which contains a ransom no
BestSearchIncognito is a rogue browser extension. After analyzing this piece of software, we determined that it operates as a browser hijacker. BestSearchIncognito modifies browser settings to promote the bestsearchincognito.com fake search engine. After being successfully installed onto o
FreeSearchStreams is a browser hijacker designed to promote freesearchstreams.com, a fake search engine. It promotes this address by hijacking a web browser (by changing its settings). We have discovered FreeSearchStreams while inspecting various shady websites. We found that FreeSearchStr
Video Skipping Ads is promoted as the best extension for blocking ads on YouTube. We have discovered this app on a deceptive page asking us to "add extension" to complete the process. After adding and inspecting the Video Skipping Ads app, we found that it generates advertisements - it operates as
While inspecting dubious websites, we discovered the saveprivatedata[.]com rogue page. It is designed to promote scams, push spam browser notifications, and redirect visitors to different (likely untrustworthy/malicious) sites. Users typically enter such webpages via redirects caused by sites usin
PerfectConverters is the name of a rogue browser extension. After analyzing this piece of software, we determined that it operates as a browser hijacker promoting the perfectconverters.com fake search engine. Following successful installation onto our test machine, PerfectConverters reassi
While inspecting untrustworthy sites, our research team discovered the swooflia[.]xyz rogue page. It operates by endorsing deceptive content, promoting browser notification spam, and redirecting visitors to other (likely unreliable/malicious) websites. Webpages of this kind are typically accessed
We have inspected this email and concluded that it is a fake email from Avira (a legitimate computer software company). Scammers behind it attempt to trick recipients into believing that their computers are infected. Their goal is to trick them into opening a deceptive website and following the pr