We have discovered the Ad Block Ultra application on a website offering faster web browsing with no advertisements (including ads on YouTube, Facebook, news sites, and many more). During our analysis, we noticed that this app generates its own advertisements. Thus, we concluded that Ad Block Ultra
Erinalexralf is ransomware that encrypts files and appends the ".enc" extension to filenames. It also creates the "HOW_TO_RETURN_FILES.txt" file containing a ransom note. We have discovered Erinalexralf ransomware while checking the malware samples submitted to the VirusTotal page. An example of
Uyjh is ransomware designed to encrypt files, append the ".uyjh" extension to filenames, and create a ransom note (the "_readme.txt" file). We have discovered this ransomware variant while checking the VirusTotal site for recently submitted malware samples. We also found that Uyjh is part of the D
Our researchers found the Dark It Online browser extension during a routine inspection of dubious download web pages. After analyzing it, we determined that this piece of software operates as adware. Unlike most adware-types, the feature promised by Dark It Online - enabling dark mode for website
WireNavigate is a rogue app, which our research team discovered while inspecting new submissions to VirusTotal. After analyzing this application, we determined that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware may require certain
While inspecting deceptive websites, our researchers found the "Your Antivirus Has Expired" scam. We discovered two practically identical variants of it. Both claim that the McAfee anti-virus subscription has expired and urges users to renew it. Usually, schemes of this type endorse untrustworthy
After analyzing the "ShenZhen A&E" email, our research team determined that it is spam intended to infect recipients' devices with malware. This letter claims that a massive sum has been transferred to the recipient's bank account and requests them to consult the attached payment slip. Once o
While inspecting rogue sites, our researchers discovered the onlineshield[.]info webpage. It loads deceptive content, promotes browser notification spam, and redirects visitors to other (likely dubious/malicious) pages. Onlineshield[.]info and similar websites are rarely accessed intentionally. Mo
Moon Browser is the name of a Chromium-based browser. After testing this browser, we found that it promotes the feed.moonbrowser.com address. Feed.moonbrowser.com is a fake search engine. Thus, it is recommended not to use it as a tool to browse the Internet and avoid using browsers (and other a
During a routine inspection of shady websites, our researchers discovered the "You've made the 16.39-billionth search!" scam. It uses content (names/graphics) associated with the Google search engine, thereby implying that this reward is given or sponsored by Google LLC. In fact, this scam is in n