While investigating suspect websites, our research team discovered the monadvworld[.]com rogue page. The purpose of this webpage is to trick visitors into permitting browser notification delivery. It can also redirect them to other (likely unreliable/hazardous) sites. Most users access monadvworl
DarkNetRuss is ransomware (a variant of CyberVolk) designed to encrypt files. Additionally, it appends the ".DarkRuss_CyberVolk" extension to the encrypted files and provides a ransom note ("DECRYPT_INSTRUCTIONS.txt"). An example of how DarkNetRuss renames files: it changes "1.jpg" to "1.jpg.DarkR
Monadvstudio[.]com is a rogue webpage designed to promote browser notification spam and redirect users to different (likely unreliable/dangerous) sites. Most visitors to pages of this kind access them through redirects produced by websites employing rogue advertising networks. In fact, our researc
RedHook is a banking trojan that targets Android operating systems. This malicious program has been around since at least the autumn of 2024, and has multiple versions. There is some evidence suggesting that the threat actors behind this malware are Chinese speakers. As of the time of writing, it
After reviewing miredindeed[.]net, we found that it employs clickbait tactics to deceive visitors into allowing notifications. If permitted, the site can deliver intrusive notifications containing links to other untrustworthy websites. For these reasons, miredindeed[.]net should not be trusted.
We have inspected misridgefield[.]com and concluded that it uses clickbait to trick visitors into granting it permission to send notifications to their devices. If allowed, misridgefield[.]com can display annoying notifications with links to other untrustworthy websites. Misridgefield[.]co
After analyzing magicbarsllc[.]com, we determined that the website is crafted to mislead visitors into accepting its notifications. If granted permission to show notifications, the site can exploit it to direct users to other suspicious websites. For these reasons, magicbarsllc[.]com should be avo
Raven is an information-stealing malware created with Delphi and C++. It focuses on stealing personal and sensitive information from infected devices. The malware operates quietly to avoid detection and can perform its activities with minimal operator involvement. If detected on a device, Raven sh
Our research team found medicmediai[.]com during a routine inspection of suspect websites. Upon examination, we learned that this rogue page endorses spam browser notifications and produces redirects to different (likely dubious/harmful) sites. The majority of visitors to medicmediai[.]com and we
Our inspection of the "Annual Financial Review Status" email revealed that it is spam. This message instructs the recipient to review the annual financial document to proceed with its finalization. The goal of this spam campaign is to deceive recipients into installing the ConnectWise ScreenConnec