Our researchers discovered the Turbo Download browser extension while investigating suspicious websites. According to its promotional material, this piece of software is advertised with the following functionalities: fast and secure downloads, all webpage image download in a single click, multi-se
While inspecting dubious websites, our research team discovered the ivvilonn[.]com rogue page. It promotes scams and browser notification spam. Furthermore, this webpage can redirect visitors to other (likely untrustworthy or harmful) sites. Most users access pages like ivvilonn[.]com through red
While inspecting new submissions to the VirusTotal website, our research team discovered the AdminRotator application. Our analysis of this app revealed that it is advertising-supported software (adware). AdminRotator is part of the AdLoad malware family. Adware stands for advertising-su
After inspecting the "American Express - Update Your Account Information" email, we determined that it is fake. It notifies the recipient of an "important security check" that requires them to update their American Express account. This phishing mail aims to deceive recipients into disclosing thei
After examining the "Specialized Hacker Succeeded In Hacking Your Operating System" email, we determined that it is spam. This letter is a sextortion scam; it makes false claims about explicit videos made of the recipient that will be distributed to their contacts unless a ransom is paid. It must
During the evaluation of the ForsythiaIntermedia browser extension, we observed concerning behavior. For instance, it introduces the "Managed by your organization" feature to Chrome browsers. We discovered ForsythiaIntermedia while analyzing a malicious installer sourced from an unreliable webpage
While examining a malicious installer, our research team came across the PicaPica application. This installer was found on a dubious website. The PicaPica app exhibits the capability to execute suspicious activities, such as adding the "Managed by your organization" feature to Chrome browsers.
"You Mailbox Failed 2 Security Test" is a phishing email. It is presented as a warning regarding the recipient's email account failing several security tests and pending deactivation. However, this information is false; it is intended to trick users into disclosing their log-in credentials.
After a thorough assessment of the Quick Workspace, our team discovered that its purpose primarily revolves around acting as a browser hijacker, with the intention of promoting the fake search engine find.searchu.co. The extension modifies a web browser's settings to exert control over its behavio
Quick Email is a rogue browser extension that promises easy access to email accounts and other popular platforms. However, after investigating this piece of software, we determined that it is a browser hijacker. This extension modifies browser settings to endorse the find.searchu.co fake search en