Tail DS is the name of a browser extension. After analyzing this piece of software, our researchers found that it exhibits the behavior of a browser hijacker. Tail DS modifies browser settings to cause redirects to the tailsearch.com illegitimate search engine. Additionally, this extension spies o
ComputingInteractive is a rogue app our researchers discovered while looking through new submissions to VirusTotal. After analyzing it, we determined that this application operates as adware and is part of the AdLoad malware family. It is noteworthy that advertising-supported software ma
Our research team discovered the poopholiredgeng[.]com webpage during a routine inspection of rogue websites. This page is designed to push browser notification spam and redirect visitors to other (likely untrustworthy or malicious) sites. Webpages like poopholiredgeng[.]com are usually accessed
Our team has become aware of this email after receiving it to our inbox. After analyzing it, we learned that it is a phishing email purporting to be from WeTransfer. Scammers behind it attempt to trick recipients into clicking the provided link and entering their login credentials on a fake WeTran
Discovered on the 14th of March, 2022 - CaddyWiper is a piece of malicious software designed to wipe the data stored on infected devices. The observed geopolitically-motivated attacks targeted specific Ukrainian organizations; these infections are evidently a cyber element of the war in Ukraine.
Safepcsoftwares[.]com is a page that displays fake virus alerts (messages claiming that a computer is infected) and asks for permission to show deceptive notifications. Our team has discovered safepcsoftwares[.]com while examining other pages that use rogue advertising networks (redirect to shady
Datadefenceservice[.]com is a rogue website our research team found while inspecting untrustworthy pages. It operates by loading deceptive material, promoting spam browser notifications, and redirecting visitors to other (likely unreliable/hazardous) sites. Most users enter such webpages via redi
During a routine inspection of rogue websites, our researchers discovered the protectconnection[.]icu site. When we accessed this webpage, we noted that it ran a variant of the "(3) Viruses have been detected on your iPhone" scam. Deceptive content of this type usually lures users into download
We have discovered the defender-scanner[.]com website while examining various illegal streaming, torrent, and similar sites that use questionable advertising networks. We learned that defender-scanner[.]com is a deceptive website used to collect illegitimate commissions. It also asks for permissio
Putinwillburninhell is ransomware that was discovered by MalwareHunterTeam. This piece of malware encrypts files and appends the ".putinwillburninhell" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.putinwillburninhell", "2.png" to "2.png.putinwillburninhell". Also, it cr