Isearch.start.fyi is the address of an illegitimate search engine. Websites of this kind are usually promoted by browser-hijacking software. It makes changes to browser settings in order to cause redirects to these sites. Furthermore, both fake search engines and browser hijackers typically collec
Our researchers discovered the CommonHandler application during a routine inspection of new submissions to the VirusTotal website. Following our examination of this app, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported softwa
WannaCry 3.0 is the name of a ransomware-type program. It is presented as a new variant of the WannaCry ransomware. Impersonator programs typically aim to use the original's notoriety. WannaCry 3.0 is actually based on the open-source Crypter (Python) ransomware. Malware within the ransomware cat
After inspecting lacmeeftsurvey[.]space, we concluded that it is an untrustworthy page running a survey scam. Also, lacmeeftsurvey[.]space wants to show notifications and redirect users to other websites. It is worth mentioning that users do not open pages like lacmeeftsurvey[.]space intentionally
During our investigation, we discovered that advtgroup[.]com employs a deceptive tactic to deceive visitors into granting permission for notification display. Furthermore, this website redirects users to other dubious sites. It should be noted that users often come across sites like advtgroup[.]co
After examining the "Social Security Administrator" email, we determined that it is spam. We found two variants of this mail; the text in the body of the letter was the same, while the attachments differed. This scam uses false claims regarding serious Social Security number issues to trick recipi
While investigating websites employing questionable advertising networks, we encountered topatincompany[.]com, which is among the numerous sites that employ deceptive tactics to deceive visitors into granting permission to display notifications. Furthermore, while browsing topatincompany[.]com, vi
FantasyMW is a rebrand of goatRat malware. FantasyMW is an Android banking trojan, a type of malware that specifically targets banking-related information. There are several variants of this malicious program, with one of the main differences in-between being the number of Brazilian banks it targ
While investigating new submissions to VirusTotal, our research team discovered another ransomware based on Chaos – called Eren Yeager. Malware within this classification is designed to encrypt data and demand payment for its decryption. After we executed a sample of Eren Yeager ransomware on our
During our examination of equaffism[.]com, we found that this is an untrustworthy page designed to trick visitors into agreeing to receive notifications. The page displays a misleading message as a lure. Also, equaffism[.]com redirects visitors to other websites that may be malicious. Thus, equaff