Our research team found medicmediai[.]com during a routine inspection of suspect websites. Upon examination, we learned that this rogue page endorses spam browser notifications and produces redirects to different (likely dubious/harmful) sites. The majority of visitors to medicmediai[.]com and we
Our inspection of the "Annual Financial Review Status" email revealed that it is spam. This message instructs the recipient to review the annual financial document to proceed with its finalization. The goal of this spam campaign is to deceive recipients into installing the ConnectWise ScreenConnec
Madstudiyo[.]com is a rogue webpage designed to promote browser notification spam and redirect users to different (likely unreliable/hazardous sites. Most visitors to such pages access them via redirects produced by websites employing rogue advertising networks. Our researchers discovered madstudi
Our research team found the loboodae[.]com rogue page while inspecting dubious websites. It is designed to promote browser notification spam and generate redirects to different (likely unreliable/harmful) sites. Loboodae[.]com and similar webpages are primarily accessed via redirects caused by web
We have inspected lookinews[.]com and concluded that it is designed to trick visitors into granting it permission to show notifications. The site uses clickbait to achieve this. If allowed, lookinews[.]com can display annoying and often deceptive notifications to promote other shady websites.
After reviewing leoligallize[.]com, we found that the site is designed to deceive visitors into enabling browser notifications. If accepted, notifications from leoligallize[.]com can be used to trick users into opening other shady sites via misleading alerts, offers, or similar content. Thus, leol
Efimer is malware used to steal cryptocurrency. It spreads through infected WordPress sites, malicious torrent files, and deceptive emails. The malware communicates with its operators over the Tor network and uses specific scripts to compromise vulnerable WordPress pages and gather email addresses
SoupDealer is a Java-based three-stage malware loader capable of bypassing traditional antivirus and sandbox solutions. Cybercriminals were observed targeting computers running Windows operating systems located in Turkey. The malware is used to obtain remote access to infected systems. The
DarkCloud is a malicious program classed as a stealer. Malware within this classification is designed to steal sensitive information from infected systems. DarkCloud stealer has been observed using sophisticated infiltration and anti-analysis/anti-detection techniques. DarkCloud has infilt
After inspecting this "Monthly e-Statement" email, we determined that it is spam. It is presented as a notification concerning a monthly statement that has been sent. Upon further investigation, we learned that with this lure – recipients are tricked into installing a malicious application called