"Wallet Access Connect" is a phishing scam targeting cryptocurrency wallet log-in credentials. We found it when analyzing sites that use rogue advertising networks. This scheme is presented as a tool to ease access between dApps (decentralized applications) and mobile wallets. When we acce
While testing the sample, we identified that Factfull is ransomware - malware that encrypts files. We learned that this ransomware appends a string of random characters, factfull0103@airmail.cc email address, and the ".factfull" extension to filenames. For example, it renames "1.jpg" to "1.jpg.[8
While examining the need dark application, we have learned that it hijacks a web browser by changing its settings. The purpose of this app is to promote iwsooos.com - a fake search engine. Our team has discovered the need dark browser hijacker while visiting a deceptive website. While anal
While researching rogue sites, our researchers stumbled upon the 3v4lu4t3-4pp0intm3nt[.]xyz webpage. We've discovered that this website promotes deceptive content and browser notification spam. Additionally, it can redirect visitors to other unreliable/malicious sites. We have observed this websit
Our team has discovered foodme[.]info while browsing illegal movie streaming, torrent, adult dating, and similar sites that use questionable advertising networks. At the time of the research, foodme[.]info displayed a fake CAPTCHA to trick visitors into allowing it to deliver notifications.
We have discovered adroadlinks[.]com while visiting websites that use rogue advertising networks (such as illegal movie streaming, torrent sites). After examining adroadlinks[.]com, we learned that this page displays deceptive content and asks for permission to show untrustworthy notifications.
Our researchers discovered Blocker ransomware on VirusTotal. While analyzing the ransomware sample we found that it encrypts files and appends them with the ".blocker" extension. For example, a filename like "1.jpg" appeared as "1.jpg.blocker", "2.jpg" as "2.jpg.blocker", and so on. Once the encry
LinkGraph Analysis is the name of a browser extension endorsed as a tool that allows users to check their websites' SEO (Search Engine Optimization) and provides a comprehensive support link analysis. After installing this piece of software onto our test system, we determined that LinkGraph Analys
Shiny Tab is a rogue browser extension promising various functionalities, such as browser wallpapers, light/dark and fullscreen modes. When we analyzed this piece of software, we observed it modifying browser settings and promoting the search.shinytab.com fake search engine. This behavior classifi
Detected when our research team was investigating untrustworthy websites, gapscult[.]com is a rogue page designed to load dubious content, promote spam browser notifications, and redirect visitors to other suspect/malicious sites. Websites like gapscult[.]com are typically accessed via others that