While investigating untrustworthy websites, our researchers discovered the sipicatatrania.co[.]in rogue page. Upon examination, we determined that it promotes browser notification spam and redirects users to different (likely unreliable/hazardous) sites. The majority of visitors to sipicatatrania
Our researchers found the RDAT ransomware during a routine inspection of new file submissions to the VirusTotal website. This malicious program belongs to the Dharma ransomware family. Ransomware is designed to encrypt data and demand ransoms for the decryption. When we executed a sample of RDAT
Our examination of drovixzaro.co[.]in has revealed that it uses a deceptive method to obtain permission to send notifications. If allowed, drovixzaro.co[.]in can send misleading notifications (e.g., fake alerts) to trick users into interacting with them. This site should not be trusted. Dr
QuirkyLoader is a malicious program classed as a loader. This type of malware is designed to download/install additional malicious programs or components onto compromised machines (i.e., cause chain infections). It has been used to deliver various data stealers and RATs (Remote Access Trojans). Q
We have tested the PDF Editor By AppSuite application and found that it is supposed to allow users to view, convert, fill, merge, sign, and compress PDF files. However, our research shows that it can cause unwanted redirects and have traits of a browser hijacker. Thus, it is advisable to avoid ins
We have examined install-check[.]com and found that it displays questionable content and wants to show notifications. Allowing install-check[.]com to send notifications can expose users to various online threats (e.g., scams and malware). Users should avoid visiting install-check[.]com. In
We analyzed exemorbuy[.]com and found that it uses clickbait to trick visitors into enabling its notifications. Once permission is granted, the site can deliver deceptive notifications, such as fake alerts. Therefore, it is best to avoid exemorbuy[.]com and never allow web pages of this kind to se
Torringla[.]com is a rogue webpage designed to promote spam browser notifications and redirect visitors to different (likely dubious/malicious) sites. Most users access pages of this kind through redirects produced by websites that employ rogue advertising networks. In fact, our research team disc
We discovered the "Install Antivirus Now To Remove Threats And Protect Your PC" scam while investigating PUAs (Potentially Unwanted Applications). The scam consists of the unwanted software displaying full-screen pop-up windows that use scare tactics to pressure users into downloading/installing a
After examining this "Security Notice - AI Assist Now Available" email, we determined that it is spam. This message advises the recipient to implement an AI-powered security tool to secure their email account. The purpose of this spam campaign is to deceive recipients into disclosing their email l