retrorevivesearch.com is a fake search engine promoted by the Retro Revive browser hijacker. The hijacker is advertised as an extension that allows users to customize their new tab backgrounds with retro images. However, it both installs and behaves like a browser hijacker. It makes unauthorized changes to the browser’s settings and sets retrorevivesearch.com as the homepage and new tabs. It also…
TuneFinder is advertised as a useful browser extension, but is classified as an adware infection. It’s promoted as an extension that allows users to find songs and related information, like artist discographies, album details, etc. However, while it may seem useful to some users, its main purpose is to generate revenue by showing ads. That means bombarding users with all…
MARK ransomware is a file-encrypting malware that belongs to the Makop ransomware family. These types of infections take files hostage by encrypting them and demanding a payment for their recovery. Unfortunately, encrypted files will not be openable unless they’re first put through a decryptor. This ransomware can be identified by the extension it adds to encrypted files, specifically .[decsupp24@tuta.io].MARK. The…
The SyncAppFix scam refers to a crypto scam hosted on wallets.syncappfix.info that tries to phish information related to users’ crypto wallets. SyncAppFix is being promoted as a decentralized platform wallet that ensures the security and integrity of digital assets. However, the site promoting this scam tries to phish information related to users’ digital wallets. Specifically, the malicious actors operating this scam site…
If swsrc4you.com loads every time you open your browser, your computer is likely infected with a browser hijacker. Browser hijackers are not a serious infection, but they do cause issues as they change browsers’ settings. In this particular case, the hijacker will set swsrc4you.com as your homepage/new tabs. The hijacker is also promoting a fake search engine that does not work and…
There is currently an Onyx Goliath Staking crypto scam going around, trying to trick users into connecting their crypto wallets to a fraudulent site that activates a crypto drainer that steals all funds in the wallet. The scam is hosted on onyx-migration.com, a nearly identical site to onyx.org, the legitimate site for the Onyx blockchain platform. The Onyx platform is in…
quicknetshift.co.in is a deceptive website, identical to thousands of other sites that all aim to trick users into allowing desktop ads. A legitimate browser feature is misused for this, which is why if you click “Allow” on the “quicknetshift.co.in wants to show notifications” alert, the site will be authorized to show ads on your desktop. The feature does have its…
The “SingularityNET (AGIX) Airdrop” scam is hosted on agix-finance.com, and it promotes a fake crypto giveaway. The site tries to trick users into connecting their crypto wallets so a crypto drainer could be activated to steal all funds in the wallets. SingularityNET is a legitimate platform, but it has nothing to do with this scam. Malicious actors have merely created a…