We have examined rengine[.]click and found that it displays deceptive messages to trick visitors into agreeing to get its notifications. If this permission is given, rengine[.]click can bombard users with misleading notifications that can lead them to potentially malicious websites. Once r
We have reviewed the email and found that it is a fake notification regarding a "blocked account". Its purpose is to lure recipients into opening a deceptive web page and entering personal information. Emails like this one are classified as phishing, and recipients should ignore them. This
BOFAMET is a data stealer written in the Golang programming language and designed to extract information from targeted systems. The malware is capable of stealing various files, system information, data from browsers and other apps, and more. Victims should remove BOFAMET from infected devices as
JustIce is ransomware designed to prevent victims from accessing files through encryption. Additionally, the malware appends its extension to files (".JustIce"), changes the desktop wallpaper, and provides a ransom note ("README.txt"). An example of how files encrypted by JustIce are renamed: "1.
Xentari is a ransomware written in the Python programming language. It is designed to encrypt data and demand payment for the decryption. After we executed a sample of Xentari on our test machine, it encrypted files and created a ransom note. Files encrypted by this malware have the ".xentari" ex
Xefkqo[.]info is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. Upon examination, we determined that this page endorses browser notification spam and redirects users to other (likely untrustworthy and/or malicious) websites. Most visitors to xefkqo[
Veihqy[.]click is a rogue page that our research team found during a routine inspection of suspicious websites. The webpage's purpose is to promote browser notifications spam. It can also redirect users to other (likely unreliable/malicious) sites. Most visitors to veihqy[.]click and similar pages
We have reviewed nsnetwork[.]pro and concluded that it is a deceptive web page that uses clickbait to trick visitors into allowing it to send notifications. If nsnetwork[.]pro obtains this permission, it can deliver fake alerts and other misleading messages. Thus, this page should be avoided.
Our researchers discovered droxiluma.co[.]in while browsing untrustworthy websites. After examining this rogue webpage, we learned that it promotes browser notification spam and generates redirects to different (likely dubious/harmful) sites. Droxiluma.co[.]in and pages akin to it are primarily ac
PureRAT is a remote access Trojan (RAT) utilized to steal sensitive information from infected devices. It sends stolen information to the C2 server controlled by the attackers. In addition to stealing data, PureRAT can be used for other malicious purposes. It is known to be delivered via deceptive