SantaStealer is malicious software used to collect sensitive data from compromised systems. It is sold as a Malware-as-a-Service through Telegram channels and underground forums. Research suggests it was previously known as BluelineStealer. The malware avoids detection by running in memory and tra
While investigating suspect websites, our researchers discovered the news-jafexe[.]cc rogue page. It operates by promoting browser notification spam and generating redirects to different (likely unreliable/harmful) sites. Most users enter webpages like news-jafexe[.]cc via redirects produced by we
While investigating suspicious websites, our researchers discovered this fake "Hypurr Fun ($HFUN) Allocation" page. It is not associated with the actual Hypurr Fun platform. This scam aims to deceive victims into exposing their cryptowallets to a cryptocurrency drainer. IMPORTANT NOTE: We do
After examining this "DHL Express - Incomplete Address Information" email, we determined that it is fake. This spam message urges the recipient to update their shipping information to complete the delivery. The purpose of this phishing campaign is to deceive recipients into disclosing their email
Our inspection has shown that it is a fake email claiming to be regarding a payment receipt. It is designed to deceive unsuspecting recipients into opening the provided website and entering personal information. Victims of this scam may be unable to access their accounts and encounter further issu
Our inspection of the "American Express - Account On Hold" email revealed that it is fake. This spam message notifies the recipient of a mandatory identity verification. The goal of this phishing campaign is to obtain victims' banking account log-in credentials. It must be stressed that this email
We have reviewed this email and found that it is written by scammers who seek to trick recipients into disclosing personal information. Such scams are known as phishing attempts. This email is disguised as a notification from an email service provider and contains a link to a fake page designed to
Our research team found the sweenflopanuggy[.]com rogue page while browsing suspicious websites. This webpage is designed to endorse spam browser notifications and redirect users to various (likely unreliable/dangerous) sites. Sweenflopanuggy[.]com and analogous pages are primarily accessed throug
Our researchers discovered Pryct ransomware while inspecting file submissions to the VirusTotal platform. This malware is designed to encrypt the victim's data in order to demand a ransom for its decryption. On our testing system, Pryct encrypted files and added a ".pryct" extension to their name
During a routine investigation, our researchers discovered the newtab.art fake search engine. It cannot provide search results and redirects to a legitimate search engine. These sites are promoted through redirects generated by software within the browser hijacker classification. Typically