Our research team discovered sogionowlid[.]com while browsing untrustworthy sites. Upon examination, we learned that this rogue page promotes browser notification spam and redirects users to different (likely unreliable/dangerous) websites. Most visitors to webpages like sogionowlid[.]com enter th
Cancouss.com is a rogue webpage designed to deceive visitors into permitting browser notification delivery. It is also capable of producing redirects to other (likely unreliable/dangerous) sites. Our researchers discovered this page while investigating websites that use rogue advertising networks
Our team has examined the email and concluded that it is a scam. It contains a fraudulent delivery notification and a link to an untrustworthy website. Falling for this scam can lead to data theft, computer infections, and other issues. Thus, recipients should ignore this message. The scam
Our review indicates that this email is a scam, crafted to seem urgent and important to entice recipients into clicking the provided link. The attackers behind it are attempting to steal personal information. Following the instructions provided in the email and on the deceptive page can result in
During our inspection of malware samples submitted to VirusTotal, we discovered ransomware called ClearWater. Once executed, ClearWater encrypts victim's files and appends its extension (".clear"). For instance, it renames "1.jpg" to "1.jpg.clear" and "2.png" to "2.png.clear". It also creates a te
We have inspected the site (solbullishdegen[.]com) and determined that it is designed to trick recipients into compromising their cryptocurrency wallets. It copies the design of the original BULLISH website (bullishdegen.com) to appear trustworthy. This website should be avoided to prevent financi
Our analysis shows that this is a scam email that is designed to appear urgent and important to trick recipients into opening the included link. The scammers behind this fraudulent email aim to extract personal information. Falling for this scam can lead to account hijacking and further issues.
Our analysis of ovitchon[.]com shows that it uses a misleading method to persuade users to allow browser notifications. After permission is granted, these notifications may be abused to deliver unwanted and annoying content. For this reason, users should never agree to get notifications from pages
AuraStealer is a malware-as-a-service (MaaS) infostealer written in C++. It is offered through tiered subscriptions: Basic at $295/month, Advanced at $585/month, and a Team plan for collaborative use. The malware targets various applications, including web browsers and their extensions. If detecte
VVS is a Python‑based information‑stealing malware. It primarily targets Discord data and information saved in web browsers. The VVS stealer utilizes PyArmor to obfuscate its code, making analysis more difficult and enabling it to evade detection by security tools. If VVS is noticed on a device, i