Webprotectionsurveys[.]live is a rogue site that our researchers found while inspecting dubious webpages. It operates by running scams, promoting spam browser notifications, and redirecting visitors to other (likely untrustworthy/harmful) websites. Users typically enter pages like webprotectionsu
While investigating this email, we found that it is a scam email. Scammers behind it aim to trick recipients into opening a phishing website and providing information on it. The email is disguised as an inquiry letter regarding some order. This email should be ignored, and its hyperlink should be
Text to Google Maps is described as a tool allowing users to send the selected text to Google Maps (search for selected location/address in Google Maps). However, while testing this browser extension, we found that unwanted advertisements appear while it is added to a browser. Thus, we classified
Tuow is a Djvu ransomware that encrypts files, appends its extension (".tuow") to filenames, and creates a text file ("_readme.txt") containing a ransom note. Victims cannot access/use encrypted files until they are decrypted. Our malware researchers discovered Tuow ransomware while inspecting mal
While inspecting questionable sites, we discovered the flymylife[.]info rogue webpage. It is designed to promote browser notification spam and cause redirects to other (likely untrustworthy/harmful) websites. Users typically access pages like flymylife[.]info through redirects caused by websites t
Rugby Start is a rogue browser extension that our research team found during a routine investigation of untrustworthy websites. This piece of software is promoted as a quick-access tool for Rugby results and related news. After analyzing Rugby Start, we determined that it operates as a browser hij
While investigating new submissions to VirusTotal, our researchers discovered the ESCANOR ransomware. It is designed to encrypt data and demand ransoms for the decryption. When we executed a sample of this ransomware on our test machine, it began encrypting files and changed their filenames. To e
The Wise Guys is the name of a data wiper disguised as ransomware. It deletes all files (it does not encrypt them). Also, it generates three files ("readme.txt", "readme.hta", and "readme.html") containing identical ransom notes. Our team discovered The Wise Guys malware while checking the VirusTo
border colors is the name of a browser extension that supposedly puts border colors on layouts of websites. Our team discovered this app while inspecting various deceptive pages (it is promoted on several shady pages). During the examination, we found that border colors shows annoying advertisemen
Protectionsurveys[.]online is a rogue webpage that our research team discovered while inspecting dubious sites. It is designed to promote deceptive content, push spam browser notifications, and redirect visitors to different (likely untrustworthy/harmful) websites. Users typically enter these page