ApolloShadow is the name of a malicious program that has been observed in cyber espionage campaigns. It is a custom-built malware used by a threat actor dubbed "Secret Blizzard". This group is believed to be a part of the FSB (Federal Security Service of the Russian Federation). Secret Blizzard ha
Our team has analysed the email and found that it is a fake letter regarding compensation. The scammer behind it pretends to be a well-known person and offers recipients a large sum of money. As a rule, the purpose of such emails is to extract money or information from unsuspecting recipients.
We have tested mobiletips.in and found that it is a questionable search engine promoted through unwanted extensions. These extensions force users to visit mobiletips.in by hijacking browsers. It is not advisable to use mobiletips.in or the associated browser hijackers. Questionable search
Servileness.app is a rogue application discovered by our researchers while reviewing new file submissions to the VirusTotal website. After inspecting this piece of software, we determined that it is adware. We also found that Servileness.app belongs to the Pirrit adware family. Adware st
While browsing dubious websites, our research team discovered the dravixloro.co[.]in rogue page. After examining it, we determined that this webpage promotes browser notification spam and produces redirects to different (likely unreliable/hazardous) sites. Dravixloro.co[.]in and pages akin to it
Acemmully.co[.]in is a rogue webpage discovered by our researchers during a routine inspection of suspicious websites. This page is designed to promote browser notifications spam and redirect users to other (likely unreliable/harmful) sites. Most visitors to acemmully.co[.]in and similar webpages
We have inspected the site and concluded that it is a scam involving a fake alert (and other elements) to trick visitors into taking certain steps. Also, this scam site requests permission to show notifications (granting it can expose users to more scams). Thus, users should close this website if
Bl@ckLocker is ransomware that we discovered during a routine analysis of samples uploaded to VirusTotal. Once executed on a device, Bl@ckLocker encrypts files, appends the ".BL@CKLOCKED" extension to them, changes the wallpaper, and creates a file ("Instructions.html") containing a ransom note.
Our examination of bridgechainweb[.]com has revealed that it uses clickbait to trick visitors into allowing it to show notifications. If the site obtains this permission, it can send fake alerts and similar messages designed to promote potentially malicious websites. Thus, bridgechainweb[.]com sho
During our analysis, we discovered that rechuslier[.]com is created to deceive visitors into allowing notifications. Once given permission, the site can push misleading alerts and similar messages that lead users to various unreliable websites. For this reason, it is best to avoid rechuslier[.]com