Threats
What is the Nexus.ensighten.com Browser Hijacker?
Nexus.ensighten.com is a deceptive website that is frequently used to distribute a browser hijacker. The website operates by displaying misleading pop-up ads and fake software updates, which prompt users to install... Read more
What is the Magic-dark.xyz Browser Hijacker?
Magic-dark.xyz is an untrustworthy search engine that is promoted by browser hijackers. These malicious programs modify browser settings, causing redirects to the promoted website. Browser hijackers and illegitimate... Read more
What Does Architecture Tab Rogue Browser Extension Do?
After examining the Architecture Tab browser extension, our researchers found that it functions as a browser hijacker that modifies browser settings to promote a counterfeit search engine called srchingoz.com. It's... Read more
DownEx Malware Used in Espionage Campaign
A new type of malware called DownEx has been discovered by Romanian cybersecurity researchers. It is being used in a sophisticated espionage campaign that is targeting government organizations in Central Asia, with... Read more
Beware of the Smart-browsing Rogue Browser Extension
After conducting an investigation on Smart-browsing, our team found that it is an adware program that displays intrusive advertisements, leading users to untrustworthy websites. It is common for users to... Read more
LuckyWheel Adware Comes With Its Own Executable
Our team analyzed LuckyWheel and concluded that it is classified as adware due to its primary purpose of displaying intrusive advertisements. Many users unknowingly download and install adware without being aware of... Read more
BackService Will Hijack Your Browser Settings
BackService is a potentially unwanted program that intrudes on your browsing activity and alters your browser settings, displaying unwanted advertisements on the websites you visit. It can do this through a browser... Read more
What is the Nature Extension Browser Hijacker?
During a check on suspicious websites, our team discovered the Nature Extension, which offers users nature-themed browser wallpapers. However, further analysis revealed that the extension is actually a browser... Read more
GoldenWolf42 Ransomware Asks for Payment Through PayPal
GoldenWolf42 is a type of ransomware that encrypts files, alters their names by appending the ".GoldenWolf42" extension, modifies the desktop wallpaper, and creates a file named "read_it.txt" that contains details on... Read more
Zipp3rs Ransomware is a New Xorist Clone Targeting Files for Encryption
During our analysis of new malware submissions, we came across Zipp3rs, a malicious program classified as ransomware, belonging to the Xorist ransomware family. On our testing system, Zipp3rs encrypted files and added... Read more
Abstract Art Tab Browser Extension Will Switch Your Search Engine Without Permission
While investigating malicious websites, our team discovered the Abstract Art Tab browser extension, which claims to provide abstract art style wallpapers for browsers. However, our analysis revealed that this... Read more
Captchasafe.top Attempts Ad Spam Through Fake Anti-Bot Check
Captchasafe.top is a website that our team came across while investigating suspicious advertising networks. This website aims to deceive users into subscribing to its notifications, which can lead to the redirection... Read more
Thenicejournal.com Attempts to Spam Ads Using Fake Bait Content
During our investigation of suspicious websites, we came across a deceptive site called thenicejournal.com that uses tactics like browser notification spam and redirects to unreliable and potentially harmful pages.... Read more
Topdomainblog.com Tries to Slip Ads Through Fake Anti-Bot Check
During an investigation of shady advertising networks, our team discovered topdomainblog.com, a deceptive website that tricks users into subscribing to its notifications and redirects them to dubious sites. Visitors... Read more
Gatz Ransomware is a Djvu Variant Decrypting Files on Infected PCs
During an analysis of new malware samples, our researchers found Gatz, a ransomware belonging to the Djvu family. Its method involves encrypting files and appending the ".gatz" extension to their names, while also... Read more
BrightNight Ransomware Will Lock Most of Your Files
BrightNight is a type of malicious software that encrypts data and requires payment to decrypt it. This behavior classifies it as ransomware. When we tested a sample of BrightNight on our system, it encrypted files... Read more
Misground.com Uses Fake Bot Check to Spam Ads
During our investigation, we discovered Misground.com, a fraudulent website that tricks users into subscribing to push notifications by posing as a verification process. The website asks users to click on the... Read more
CleanTab Refresh Acts as Adware
During an inspection of questionable websites, our team uncovered the CleanTab Refresh browser extension, which is advertised as a tool to refresh web pages with a single click. However, our investigation revealed... Read more