Vmos.xyz
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 1 |
| First Seen: | January 25, 2019 |
| Last Seen: | January 30, 2019 |
| OS(es) Affected: | Windows |
The vmos.xyz address belongs to a fake search engine. Users are highly unlikely to willingly resort to the services of such untrustworthy engines. That is why the operators of these sites rely on applications known as browser hijackers and PUP (Potentially Unwanted Programs) to take the users to them. Vmos.xyz is not an exception and two different PUPs have been associated with it - SApp+ and Ext Apps.
Typically, users do not realize that an intruder application is being deployed on their computers or devices. Indeed, these applications are not spread through the normal distribution channels. Instead, they rely on questionable techniques designed to hide their installation such as a scheme known as bundling or fake software installers/updates.
Once inside the device, browser hijackers target the browser's settings and modify them to open the promoted address. Usually, the homepage, the new tab page, and the default search engine are affected. However, SApp+ and Ext Apps have been observed to operate in a different manner. They leave the aforementioned settings alone. Instead, they are capable of detecting when users initiate Web searches and then redirecting them to vmos.xyz.
It should be noted that the vmox.xyz fake engine may be one of the destinations in a redirect chain that goes through other dubious engines. In fact, infosec researchers have observed that on Chrome, before reaching vmos.xyz, the redirects go through bytsm.xyz. On Firefox, users may first be taken to searchmes.xyz or other fake engines.
There is another potential risk related to having a PUP installed on your device - these applications are notorious for having data-tracking capabilities. Various information related to the browsing activities of the user as well as numerous device details may be harvested and then transmitted to a remote server controlled by the PUP's operators.
