We tested the Omni Convert - Search Settings for Omnibar browser extension and found that it promotes a fake search engine. This app promotes app.clipconverter.site. It does that by hijacking a web browser (by changing its settings). We discovered Omni Convert - Search Settings for Omnibar on a de
While inspecting dubious websites, our research team discovered Canvas Tab's "official" promotional page. This software is a browser extension endorsed as a tool capable of allowing users to draw on new browser tabs and save the created artwork. However, our inspection of Canvas Tab revealed that
We have inspected this email and found that it is sent by scammers who aim to lure recipients into providing personal information. Scammers behind this email use a phishing page to extract information. They disguised the email as a letter from an email service provider. This email urges re
Weather-in.xyz is the address (URL) of a fake search engine promoted using Weather In browser hijacker. Typically, websites of this kind are promoted by software classified as browser hijackers. They modify browser settings in order to cause redirects to illegitimate search engines. Additionally,
While examining Super-Newtab, we discovered that it changes the web browser's settings. Apps of this type are known as browser hijackers. Most browser hijackers promote fake search engines. Users do not add apps of this type to browsers on purpose. Super-Newtab hijacks a web browser by cha
We inspected full-mark[.]xyz and learned that the purpose of this page is to trick visitors into agreeing to receive notifications. It uses a clickbait technique (displays deceptive content) as a lure. Also, full-mark[.]xyz redirects to scam websites. Full-mark[.]xyz shows a deceptive mess
While inspecting new submissions to VirusTotal, our researchers discovered the LATCHNETWORK ransomware-type program. It is pertinent to mention that this malicious program is part of the MedusaLocker ransomware family. After we executed a sample of LATCHNETWORK on our test machine, it encrypted f
Vohuk is ransomware that prevents victims from accessing files by encrypting them. Also, it replaces filenames with a string of random characters and appends the ".Vohuk" extension to them, changes the desktop wallpaper, and drops the "README.txt" file. The dropped text file contains a ransom note
Our research team discovered the alltopspot[.]com rogue page. It promotes browser notification spam and redirects users to different (likely unreliable/harmful) websites. Users typically enter alltopspot[.]com and similar sites through redirects caused by pages using rogue advertising networks.
Our research team discovered the mysecuritydatabase[.]live rogue page while checking out dubious websites. This webpage promotes scams (e.g., "Norton Security - Your PC Might Be Infected With Viruses!") and spam browser notifications. Furthermore, mysecuritydatabase[.]live can redirect users to ot