Threat Database Browser Hijackers

The domain is associated with cases of browser hijacking, phishing pages, and misleading software promotion. Upon closer inspection, it was revealed that the domain often switches IP addresses, and there are many proxies found to redirect users through the domain. Frequent IP address switching and Web traffic from proxies is associated with questionable marketing practices most of the time, but it is a practice that many malware distributors lite to employ too. The latest IP address to offer content for appears to provide fake database update packages and trigger alerts from multiple AV engines. The latest alert names connected to include:

Adware ( 005460da1 )
Generic PUA DO (PUA)
malicious_confidence_90% (D)

Unexpected browser redirects to and proxies related to the domain may signal an infection with a browser hijacker and riskware. PC users who might be presented with software downloads at and "critical updates to the browser" alerts should consider running a complete system scan. It is best to avoid downloading programs and interaction with notifications from to limit the risk of a security compromise. You may want to make sure that you are running the latest version of your Internet client and no outdated applications are facing the Internet without proper access configuration.


Most Viewed