Scroll to Top is described as an application allowing users to quickly get back to the top (or bottom) of the page. We have tested this app and learned that it is an advertising-supported browser extension - it generates advertisements. We also found that Scroll to Top is promoted using a deceptiv
Zoutubephaid[.]com is a rogue webpage designed to push browser notification spam and redirect visitors to different (likely unreliable/malicious) websites. Our researchers discovered this page while inspecting websites that use rogue advertising networks. Redirects caused by such sites are how mo
Our analysis of the "Due To Recent Upgrade Or Error" email uncovered that it is spam use for phishing purposes. This letter baits recipients into disclosing their email account log-in credentials by claiming that the password will expire soon. When users press either of the links in the email, the
SiMay is the name of malware designed to allow an attacker to remotely control/access an infected computer. This type of malware is called a Remote Administration Trojan (RAT). RATs are used to steal information or files, distribute malware, and for other purposes. We have discovered SiMay while e
Unlocker is a ransomware-type program. After being launched on our test machine, this ransomware encrypted files and appended their filenames with ".[unlocker@onionmail.org].[victim's_ID].lock", consisting of the attackers' email address, a unique ID assigned to the victim, and the ".lock" extensi
Bomber is ransomware variant that belongs to the Amnesia ransomware family. We have discovered Bomber ransomware while checking VirusTotal for recently submitted malware samples. This variant encrypts files and modifies filenames by replacing their names with a string of random characters and appe
Our team has tested the BrowserDisplay application and found that it operates as adware - it generates intrusive advertisements. We have discovered this application while examining various shady websites. Typically, apps like BrowserDisplay are promoted and distributed using deceptive methods.
Noobilubi[.]com displays deceptive content to trick visitors into allowing it to show notifications and redirects them to other pages designed to do the same. Typically, these pages do not get visited on purpose. Our team has discovered noobilubi[.]com during periodical research on other shady web
The purpose of hipnoticrec[.]biz is to trick visitors into agreeing to receive notifications and redirect them to shady websites. We have discovered hipnoticrec[.]biz while examining web pages that use rogue advertising networks. It cannot be trusted or should be allowed to deliver notifications.
Our research team found the express-new[.]com rogue webpage during a routine inspection of untrustworthy sites. It is designed to lure visitors into allowing it to deliver browser notification spam. Express-new[.]com is also capable of redirecting users to other (likely unreliable/malicious) websi