We have inspected the email and found that it contains a fake notification claiming the recipient's mailbox has incoming messages stuck in quarantine due to oversized attachments. It is a phishing email designed to steal email account login credentials from unsuspecting individuals. This message s
We have inspected the email and found that it contains a fake notification claiming that the recipient's mailbox has not been validated and could be suspended. It is a phishing email designed to steal email account login credentials from unsuspecting recipients. It should be ignored to avoid havin
We have inspected the email and found that it contains a fake notification about a SWIFT wire transfer confirmation copy supposedly attached for review. It is a phishing email designed to steal email account credentials from unsuspecting recipients through a fraudulent login page that imitates whi
FlutterShell is a backdoor targeting macOS users. It is delivered inside fake-but-working Mac apps (a podcast player and PDF viewers) and gives attackers remote control of an infected Mac through a hidden browser window. Researchers at Palo Alto Networks Unit 42 documented the malware as part of
We have inspected the website vote-ethfi[.]app and found that it imitates the official ether.fi platform, presenting a fake "$ETHFI Rewards Allocation Proposal" governance vote. The page is designed to trick visitors into connecting their cryptocurrency wallets, which can lead to the theft of digi
We have inspected the website reward-kinetiq[.]xyz and found that it impersonates Kinetiq, a liquid staking platform, by promoting a fake voting rewards proposal. It is designed to trick visitors into connecting their cryptocurrency wallets, which can result in financial losses. IMPORTANT NO
Our researchers discovered the Search Toggler browser hijacker while reviewing extensions promoted through their own dedicated websites. Despite its description promising an easier way to switch between search engines, Search Toggler quietly reassigns the browser's search settings to searchtoggler
Our researchers inspected the View Menu with Prices browser extension and found that it carries the traits of a browser hijacker. Once installed, it quietly changes the browser's default search engine to viewmenuprices.com. View Menu with Prices is presented as a handy way to look up restaurant m
Our research team discovered the Great Start - Homepage browser hijacker while inspecting extensions distributed through the Chrome Web Store. Despite its harmless-sounding name, this extension changes browser settings to promote greatstartapp.com, a page connected to a fake search engine. Great
Our researchers found My Focal Find while analyzing a rogue installation setup and noticed that it has the traits of a browser hijacker. Once added to a browser, this extension changes its settings to promote myfocalfind.com, a fake search engine. This article explains what My Focal Find does, ho