Our researchers found the Popup Blocker Max browser extension while investigating dubious websites. It is promoted as a tool for blocking pop-ups and other types of ads (ad blocker). Upon inspection, we determined that this extension operates as adware – i.e., it displays advertisements. A
After reading this "Google Anniversary Award" email, we determined that it is a phishing scam. This spam message claims that the recipient has been selected as a winner in an award organized by Google. It must be emphasized that this email is fake and not associated with the actual Google LLC. Th
Trendthreadlink[.]com is a rogue page discovered by our researchers during a routine investigative session. This webpage promotes deceptive content and browser notification spam. It can redirect users to different (likely untrustworthy/malicious) sites as well. Most visitors to trendthreadlink[.]
After inspecting this "Online Webmail Deactivation" email, we determined that it is spam. This is a phishing email targeting log-in credentials by claiming that the account has been blocked and will be deactivated unless the appropriate actions are taken. The spam email with the subject "N
We inspected osx-defender[.]pro and found that it is crafted to trick visitors into agreeing to receive its notifications. The site uses clickbait to obtain permission to deliver notifications. Usually, if allowed, sites like osx-defender[.]pro send fake warnings and other messages to lure users i
We have examined the email and concluded that it is a fake letter regarding a Webmail account password validation. We classified it as a phishing email because it contains links leading to a deceptive website designed to steal login credentials from unsuspecting recipients. This email should be ig
TetraLoader is a loader-type malware written in the Rust programming language. Software within this classification is designed to cause chain infections. TetraLoader was built using the MaLoader builder, which is written in Simplified Chinese and has been publicly available since December 2024. T
Our team discovered Asulo while inspecting samples uploaded to the VirusTotal platforms. Our key findings are that Asulo is ransomware from the Xorist family designed to encrypt files and append the ".asulo" extension to them. Additionally, Asulo changes the desktop wallpaper, displays a pop-up wi
Our inspection of the AdEscape has revealed that it is a browser extension capable of delivering unwanted advertisements. For this reason, we classified AdEscape as adware. It is worth noting that this extension is promoted using deceptive websites and ads displayed by it may lead to potentially m
Our team has inspected the email and found that this is a fake notification regarding an unusual login activity. The email includes a deceptive link designed to open a fake website. On this site, users are instructed to provide personal information. The goal of this scam is to extract that informa