Windows-hold[.]com is a deceptive website that runs a scam similar to "McAfee - Your PC is infected with 5 viruses!". Also, it asks for permission to display notifications. We discovered windows-hold[.]com while inspecting other pages that use rogue advertising networks (illegal movie streaming, t
Moviety is described as "a perfect browser extension for movie lovers of all stripes". We have discovered this app on a deceptive website. After downloading and adding Moviety to a browser, we noticed that it shows intrusive advertisements. It means that Moviety is an advertising-supported applica
Our researchers discovered the online-guard[.]com rogue page while inspecting dubious websites. This webpage is designed to promote scams, push spam browser notifications, and redirect visitors elsewhere (likely unreliable/malicious websites). Most users enter sites of this kind via redirects caus
Ad Blocker App is promoted as a free browser extension that blocks advertisements. Ironically, after testing the app, we found that it generates advertisements (it is an advertising-supported application). It is worth mentioning that adware is often distributed using questionable methods - users t
While inspecting questionable sites, we discovered the notificationnewsspace[.]com rogue webpage. It promotes browser notification spam (via fake CAPTCHA) and redirects visitors to other (likely untrustworthy/malicious) websites. Most users enter such webpages through redirects caused by sites usi
Tuning Videos is described as an app that protects the eyes and improves sleeping cycles by adjusting video temperature and many other properties. After downloading and adding it to a browser, we found that it has an additional property - it shows advertisements. Thus, we categorized Tuning Videos
Rrbb is the name of ransomware that our team has discovered during the analysis of malware samples submitted to VirusTotal. We found that Rrbb belongs to a ransomware family called Djvu. It encrypts files, appends the ".rrbb" extension to filenames, and provides a ransom note (in the "_readme.txt"
We have discovered new ransomware belonging to the Djvu family while analyzing the samples submitted to VirusTotal. It is called Rryy. This ransomware encrypts files, appends its extension (".rryy") to filenames, and generates a text file ("_readme.txt") containing a ransom note. An example of ho
Advnottech[.]com is a rogue webpage that operates by pushing browser notification spam and redirecting visitors to other (likely untrustworthy/malicious) sites. Our researchers discovered this page while inspecting websites that use rogue advertising networks. Most users access advnottech[.]com (
Our research team found the updatenotification[.]xyz rogue page during a routine inspection of untrustworthy sites. It is designed to promote deceptive content (scams), push browser notification spam, and redirect visitors to different (likely unreliable/malicious) webpages. At the time of researc