Searchvaults.com
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 50 % (Medium) |
| Infected Computers: | 149 |
| First Seen: | May 17, 2016 |
| Last Seen: | November 25, 2022 |
| OS(es) Affected: | Windows |
Searchvaults.com is a domain that was registered on December 20th, 2017, by Aztec Media Inc. in relation to its product 'Photorito' from h[tt]ps://searchvaults[.]com/ and h[tt]p://enhancedsearch[.]me/. You might want to know that 'Photorito' by Aztec Media was released earlier in 2017 under the name 'Photor' and was published on h[tt]p://photorext[.]net/. Both products appear identical in appearance and functionality with their ability to change the user's Internet settings and new tab page settings. The new variant dubbed 'Photorito' is promoted via an insecure page that uses an invalid SSL certificate by Let's Encrypt for Enhancedsearch[.]me. The app is proposed to users with the following message:
'Photorito is a new Chrome extension for beautiful browsing and search experience. Every 6 hours your background will be changed with fresh and stunning image. Beside beautiful background changer, you can check the weather in your location with hourly and 4 day forecast. Every time you go back to your homepage or do new tab, you'll be greeted with beautiful and inspiring photos.The neatness of Photorito interface is a refreshment for the eye and a practical tool for your everyday search.'
The message shown above is displayed at h[tt]ps://searchvaults[.]com/ and h[tt]p://enhancedsearch[.]me/ and may be accompanied by a link to a hidden Chrome Extension. Introducing the 'Photorito' extension in Chrome results in changing the functionality of the Omnibox. 'Photorito' alters your primary search provider and new tab page to Searchvaults.com. The Searchvaults.com site includes pre-configured speed dial and a search bar that is powered by Yahoo. We found that Searchvaults.com has a clone at h[tt]p://searchprotector[.]net/index.html and a slightly modified copy at h[tt]p://findiosearch[.]com/ and h[tt]p://safeforsearch[.]net/. The 'Photorito' software is used by Aztec Media to divert Web traffic to ads on Yahoo and rival services by Google. However, many Web surfers might not like the various browser redirects performed by 'Photorito' and the lack of customizations on the Searchvaults.com New Tab page. Searchvaults.com is associated with Potentially Unwanted Programs (PUPs) by Aztec Media and tracking beacons that you may want to remove with the help of a reliable anti-spyware scanner.
URLs
Searchvaults.com may call the following URLs:
| searchvaults.com |
