During a routine inspection of dubious download webpages, our researchers found the moon darker browser extension. It is endorsed as a dark mode tool. After analyzing this piece of software, we determined that it is a browser hijacker promoting the getsins.com fake search engine. Browser h
AdBlock Max - remove invasive ads is the name of an application/browser extension that we have discovered on a shady website. It is described as an app that removes advertisements and trackers on popular websites and skips YouTube ads. Our team has tested the app and noticed that it operates adwar
Check-the-weather[.]com is an untrustworthy website designed to trick users into agreeing to receive its notifications and redirect visitors to other shady pages. Our team has discovered this page while examining other dubious sites that use rogue advertising networks. Typically, pages like check-
Our team has discovered the QuickCouponSearch application on a shady website. After testing the app, it was concluded that QuickCouponSearch is a browser hijacker. This app hijacks web browsers by changing their settings. The purpose of QuickCouponSearch is to promote quickcouponsearch.com - a fak
Recently, it has been popular among scammers to send coronavirus-related emails to trick recipients into transferring money, providing sensitive information, and other purposes. We have examined this email and concluded that it is just another pandemic-related email scam. Scammers behind it attemp
News-govuhu[.]cc is a rogue site, which our researchers discovered while inspecting dubious webpages. It is designed to load questionable content, push browser notification spam, and redirect visitors to other (likely untrustworthy or malicious) websites. News-govuhu[.]cc and similar pages are ra
Kabil is ransomware based on another ransomware variant called Chaos. It encrypts files and appends ".kabil" extension to filenames. Also, Kabil changes the desktop wallpaper and creates the "read_it.txt" file (both containing ransom notes). Our malware researchers have discovered this ransomware
ProfessionalHelper is a rogue app that our research team discovered while inspecting new submissions to VirusTotal. Our analysis revealed that this application operates as adware. Additionally, we learned that ProfessionalHelper belongs to the AdLoad malware family. Adware may not displa
We have found a new ransomware variant from the Djvu family named Pphg while examining malware samples submitted to VirusTotal. It was found that Pphg encrypts files and appends the ".pphg" extension to filenames (for example, it renames "1.jpg" to "1.jpg.pphg", "2.jpg" to "2.jpg.pphg"), and creat
Allprofitsurvey[.]top is an untrustworthy website that displays deceptive content (runs a fake survey) and asks for permission to show notifications. We discovered this site while inspecting other untrustworthy pages (such as illegal movie streaming and torrent sites) that use shady advertising ne