Navi RAT is a Remote Access Trojan (RAT) written in the Go programming language. Beyond remote access, it also functions as an information stealer, collecting cryptocurrency wallet data, Roblox session cookies, files, and other personal information from infected devices. Threats like this typical
Our researchers discovered growthsummitlabs[.]com while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable or dangerous) sites. Growthsummitlabs[.]com impersonates a G
Our research team found the trackturbonest[.]co.in rogue page while investigating suspicious websites. After inspecting this webpage, we learned that it uses a fake CAPTCHA to trick visitors into allowing browser notifications. Once permission is granted, trackturbonest[.]co.in delivers fake virus
We analyzed this page and found that it runs a fake Microsoft Defender alert designed to trick visitors into purchasing antivirus software through an affiliate link. The page impersonates a Windows security system - displaying a fabricated sign-in warning, a fake scan, and alarming vulnerability r
During a routine inspection, our team came across signalqueryhub.com - a fake search engine that is spread through browser hijackers and similar unwanted software. It cannot generate search results on its own and instead redirects users through intermediary sites to land on a legitimate engine. S
CastleStealer is an information stealer that targets Windows computers. It is delivered by a custom Windows loader called OXLOADER, which handles the initial infection and drops the stealer payload onto the compromised system. Elastic Security Labs researchers documented the campaign and identifi
We have inspected this email and determined that it is a phishing scam. The message poses as a routine IT department notice about mailbox storage and security maintenance. It aims to trick recipients into entering their email credentials on a fraudulent login page. This email should be ignored.
We have examined this "We Have Processed Your Payment" email and concluded that it is a phishing message. It is disguised as a payment notification from AccertaClaim ServiCorp Inc. and tries to lure recipients into signing in on a fraudulent webpage. Anyone who receives this email should ignore it
We have examined this email and determined it is a phishing scam. The message is disguised as a document notification from DocuSign, falsely claiming that an outstanding invoice is ready for the recipient's review and signature. Clicking the provided button leads to a fake webmail login page desig
After inspecting this email, we determined that it is a scam. The message is designed to appear as a vendor registration invitation from Flydubai Aviation Group. The scammers behind it seek to trick businesses into sharing sensitive information and eventually paying fake fees. This letter should b