The Satellite and Earth Maps is a Google Chrome add-on that has already been removed from the official Chrome Store due to the dubious changes it brought to the Web browsers of its users. However, this is not the only reason not to use the Satellite and Earth Maps – the add-on also is categorized as a Potentially Unwanted Program (PUP) by multiple reputable security products. The Satellite and Earth Maps may be promoted via online advertisements and pop-ups, which promise to provide users...

The Access Online Forms is a Chrome extension whose description says that its users can expect to receive quick and convenient access to social media pages, shopping sites, forms providers and other interesting Internet content. However, the Access Online Forms may not tell users in its description that they need to grant this add-on permission to control their new tab page and search engine; otherwise, the installation cannot be completed. If the Access Online Forms is granted the...

SearchWorld is a browser add-on that promises to enhance your ability to search the Web by introducing you to new and exciting search utilities. Unfortunately, installing SearchWorld will not yield you any advantages and, instead, it may impair your Web browsing by forcing you to use a new tab page and search aggregator that you are not used to. SearchWorld may reconfigure your Web browser, so that you will be redirected to the non-trustworthy site Toksearches.xyz whenever you try to load a...

The 'LOCKED ON POSSESSION OF COPYRIGHTED MATERIAL' Ransomware is a file-locking Trojan that pretends to attack the user's computer as a punishment for copyright infringement. The threat has no relationship with any nation's law enforcement and is similar to illicit and threatening software like Hidden Tear or a Ransomware-as-a-Service. Users with reliable anti-malware products should remove the 'LOCKED ON POSSESSION OF COPYRIGHTED MATERIAL' Ransomware by default, although a secured backup may...

TeamTNT is a cybercrime organization whose members appear to specialize in cryptocurrency-related attacks. The group is involved in the development of various malware pieces that targeted cryptocurrency in some way – either mining it, hijacking transactions or compromising login credentials. The name of the TeamTNT Criminal Group was in the news recently because of their attacks against vulnerable installations of the Docker service – it is important to mention that these vulnerabilities are...

The Duri Malware is a website-embedded threat that tricks users into downloading corrupted files, such as Trojan installers, onto their computers. Unlike most threat types of this nature, such as an Exploit Kit, the Duri Malware doesn't depend on conventional, usually-patchable security vulnerabilities. Users should maintain careful browser settings and have active anti-malware protection to block the Duri Malware or remove the payload. The ingenuity of threat actors navigating the...

Online tactics often rely on exploiting legitimate features in your Web browser to deliver their fraudulent content. Recently, there has been an efflux in the popularity of the 'Please click Allow to continue' tactic. It is hosted on various websites claiming that the users need to click 'Allow' either to verify that they are not robots or play a video. The latter variation of the tactic is found on the page Backtonews.biz – it tells people to press 'Allow' to enable video playback, but as...

Hopsigna.com is a website that tries to hijack your browser notifications by showing a fake video player, and claiming that you need to click 'Allow' if you want to enable video playback. It is likely that Hopsigna.com may show up in your Web browser while you are trying to view online videos, sports streams, pirated movies and other digital content. Many users might follow the instructions blindly. However, they will be discouraged with the result. Hopsigna.com does not play any video and,...

Ussiarusse.club is a Web page that will display a fake 'robot check' prompt if you stumble upon it. Of course, no one would visit this random page on purpose – it may show up in your Web browser when you visit less reliable websites that have been paid to promote ads by Ussiarusse.club. Ussiarusse.club's prompt says that you should 'Click Allow if you are not a robot' – however, the page does not tell you that by performing this action, you will end up subscribing to its notifications. The...

The Package Tracker Guru is a troublemaking browser extension whose installer may promise you great features, but the real purpose of the add-on is to promote the website found at Search.hpackagetrackerguru.com. This page hosts a simple search engine, as well as links to popular online delivery companies and their tracking services. The Package Tracker Guru is meant to set this website like the one that you will see whenever you load a new tab in your browser. While this is not a harmful...

Tracking parcels and deliveries may be done by using the delivery company's website. However, you may come across browser extensions claiming to provide you with the ability to enter a tracking number, and then see the parcel tracking information. These extensions are usually fake, especially if they are not affiliated with a particular delivery service. An example of such an add-on is Track Your Package Now – it claims to have great features, but, in reality, it does not do anything...

AllConvertersSearch is a browser add-on whose installation is not recommended. Its description says that this is a helpful utility meant to enhance your Web browsing experience by granting you access to a useful set of file conversion utilities. However, it does not boast such features and, instead, it can only redirect you to public file conversion websites and services. The same tools can be accessed without using 3rd-party software like AllConvertersSearch – all that you need to do is look...

ConvertrzSearch is a Potentially Unwanted Program (PUP) that may reside on your computer in the shape of a browser extension for Google Chrome or Mozilla Firefox. The purpose of this add-on is to help you convert documents from one format to another or do the same with video and audio files. Having such a helpful utility at your disposal may sound great, but we assure you that ConvertrzSearch is not as good as its description says. For starters, this extension does not supply any file...

The Kutaki Keylogger is a relatively unpopular threat in the world of cybercrime, but it is still being propagated by different cybercrime groups and threat actors actively. The keylogger also doubles as an infostealer since it has some data theft functionality embedded into its code. The malware appears to be propagated via fake email attachments exclusively, and it often may try to present itself as a legitimate application. Analyzing some of Kutaki Keylogger's payload revealed that its...

The Aim Ransomware is a file-locking Trojan that's part of a large Ransomware-as-a-Service, the Crysis Ransomware or the Dharma Ransomware. The Trojan blocks most media formats of files on the PC with encryption and sells a custom unlocking service for each victim. Users with backups can protect and recover their data without considering the ransom, while most anti-malware products will delete the Aim Ransomware. With the regularly reasserted theme of anonymous and 'secure' e-mail...

RadioSearches is a browser extension that may be available for both Google Chrome and Mozilla Firefox. Users may be interested in installing this add-on because it offers to give them access to a rich library of online radio streams that they can tune in for free. However, there is a catch. The RadioSearches add-on will replace your browser's default search engine with Feed.radio-searches.com, and set the default new tab page to Portal.radio-searches.com. These changes are not unsafe, and...

Maps-N-Directions is a browser extension that promises you great things before installing it, but it will fail to deliver on its promises. Users may be told that Maps-N-Directions is an excellent way to access online maps, driving instructions and routing help. However, the Maps-N-Directions does not support any features of this sort. Instead, its primary 'feature' can turn out to cause annoying issues by replacing your default new tab page with Hp.hmapsndirections.co. This website works like...

'We have installed one RaT software into your device' email scam is yet another sextortion tactic that may arrive in your inbox at any time, regardless of which country you reside in – the fraudsters are not picky about their targets, and they will send you an email as long as your address ends up in their mailing list. The 'We have installed one RaT software into your device' email scam claims that your computer has been infected by a threatening Trojan that was installed when you were...

If you ever come across an unknown website that asks you to perform an 'anti-robot' or 'human verification' check, you should know that this page is likely to be linked to an online tactic meant to hijack your browser notifications. The website Cvintertain.club is one of the pages that engage in such a tactic, and, unfortunately, plenty of users may fall for the simple trick that this page uses. When the users stumble upon Cvintertain.club's pop-ups and messages, they may be asked to press...

Online con artists often generate a lot of profit via paid advertisements that are delivered to users against their will. Usually, such cons are executed with the help of adware applications that manipulate a Web browser's behavior, so that it shows advertisements and pop-ups on a regular basis. However, a new type of con has gained popularity in the past two years, and it uses a different approach – instead of asking users to install suspicious software, the con artists just try to hijack...