Deceiving domain - is a website that users who downloaded and installed a toolbar called "SweetIM." The application has been around for over 10 years and the is not considered to be safe - neither by users or security experts.

Soon upon infiltration is set as a homepage and a new tab URL, along with a customized search engine. As a result, users are browsing the web via insecure HTTP connection (which means that cyberattackers can intercept the information entered into the site), and the search results are not organic, i.e., the top searchers returned by the engine are sponsored links. However, inexperienced users may not distinguish between real and fake links, which essentially changes the way they browse the web.

Besides, might also be embedded with insecure advertisements that use phishing in order to make users click on them. This can result in the installation of other potentially unwanted programs or monetary loss due to scams.

Type Browser hijacker
Developer MacroGaming LTD, SweetIM Technologies
Background process SweetIM.exe
Aim To divert users' traffic to sponsored, affiliated, and other sites that sometimes might not be secure
Detection Two anti-virus engines detect the domain as malicious/suspicious violations

2CR-015: is detected by two anti-virus vendors as malicious/suspicious is detected by two anti-virus vendors as malicious/suspicious