PDF Converter Hub (a.k.a. PDF Converter Hub New Tab, Search.hpdfconverterhub.com) is potentially unwanted browser extension for Google Chrome, Mozilla Firefox and Safari. Malware originates from Cyprus and was developed by Eightpoint Technologies Ltd. (some sources indicate SpringTech Ltd.) It modifies search and homepage settings in these browsers and controls them not allowing users to make changes. Hijacker sets search.hpdfconverterhub.com as default search engine, new tab and home page. However, search queries typed in the search box are redirected to search.yahoo.com, so there can be some kind of affiliation or partnership between large search provider and developer of the add-on. PDF Converter Hub also constantly offers users to subscribe to its notifications, which will lead to getting unwanted advertising as desktop notifications. Main page itself consists of toolbar, search box, informational links and shortcuts to popular shopping sites and social networks. PDF Converter Hub is promoted as convenient tool for converting various file formats to PDF and vice versa.
Push-time.com is unsafe website, that is used for social engineering attack in Google Chrome, Mozilla Firefox, Internet Explorer, Safari or Edge browsers on Windows, Mac or Android operating systems. Main goal of such shady websites is to subscribe users to browser notifications, using trickery and fraud. Notifications is a function in modern browsers, when news or subscription updates are delivered to the desktops even when the browser’s window is closed. The idea behind this, is to inform users about hot news, social networks updates or new YouTube videos from subscriptions. However, cool feature was turned to their advantage by advertising networks. The Push-time.com is one of thousands domains, using similar technique to fool unsuspecting users.
MacAppExtensions (Adware.MAC.Linkury.C) is malware related to Search.tapufind.com hijacker, that we described in some of our earlier articles. It works in MacOS and targets Safari, Google Chrome and Mozilla Firefox browsers. The main symptom is, that your browsers search and homepage settings change to search.tapufind.com, and this setting cannot be modified until MacAppExtensions is removed. However, this virus not only hijacks the browser, but also gathers private information about its user (collects data related to browsing activity: geolocations, entered search queries, URLs of visited websites, IP addresses etc.).
Robotcaptcha.info is adverse domain, that may show unwanted pop-ups and ads in Google Chrome, Mozilla Firefox, Internet Explorer Safari or Edge browsers on Windows, Mac or Android operating systems. Landing pages from Robotcaptcha.info appear from nowhere and offer users to subscribe to notifications. This is feature in modern browsers, that help users get actual news in faster and convenient way. However, on the other side of this, when website is of advertising nature, users start receiving ads, pop-ups, tech support scam messages on their desktops. This is an element of social engineering, and clicking “Allow” button, actually, subscribes users to notifications. At the same time, Robotcaptcha.info initiates standard dialog box window with option to allow or block notifications from site you are visiting. If person clicks on the “Allow” button, users will start receiving unwanted pop-up ads from Robotcaptcha.info directly on the desktop even when browser is closed.
Geofright.com (5.geofright.com, 23.geofright.com) is malicious website, that hosts phishing and fraudulent pages and subdomains, that trick users into subscribing to unwanted notifications in Google Chrome, Mozilla Firefox, Safari, Edge, Internet Explorer browsers, running on Windows, Mac or Android. Users land on websites like Geofright.com after multiple misleading redirects after visiting questionable online resources. After this users start getting ads, pop-ups, tech support scam messages on their desktops. This tutorial describes ways to remove Geofright.com and stop ads, pop-ups and notifications from such sites.