ChimeraWire is a type of malware (a Trojan) that runs on Windows computers. It uses the functionality of open-source tools called zlsgo and Rod, which are normally used to automate actions on websites. This malware controls Chrome to simulate human browsing behavior, making websites appear more po
Our team analyzed reirnately[.]com and discovered that it employs misleading methods to get users to allow notifications. After permission is given, the site can send bogus alerts, offers, and other kinds of messages containing links to questionable and potentially malicious websites. This and sim
Rusty Lockbox (also known as Rusty Locker) is ransomware that we discovered during a routine inspection of malware samples uploaded to VirusTotal. After execution, Rusty Lockbox encrypts files and renames them by replacing their filenames with a random string of characters and appending its extens
Our team reviewed news-hutute[.]com and found that it uses deceptive tactics to trick users into accepting its notifications. Once permission is granted, the site can flood users with unwanted ads, fake alerts, and other messages linking to potentially harmful pages. For this reason, news-hutute[.
While investigating unreliable sites, our research team discovered news-jinoti[.]com. Upon examination, we determined that this rogue page promotes browser notification spam and redirects visitors to various (likely untrustworthy/malicious) websites. Most users access webpages like news-jinoti[.]c
News-jagone[.]com is a webpage discovered by our researchers during a routine inspection of untrustworthy websites. This page is designed to promote spam browser notifications and redirect visitors to other (likely dubious/harmful) sites. Redirects caused by websites utilizing rogue advertising ne
FvncBot is a trojan targeting Android OSes (Operating Systems). It is a multifunctional malicious program that can execute various commands on infected devices and perform overlay attacks. In the autumn of 2025, FvncBot was discovered being distributed under the guise of an app associated with mBa
SeedSnatcher is an Android malware disguised as a crypto app named Coin (this app functions as a loader). The malware is often delivered through Telegram channels. It starts with basic permission requests before gaining access to files, contacts, call logs, and other private data. Cybercriminals u
Our research team discovered the Emperor malicious program while browsing new file submissions to the VirusTotal website. We determined that Emperor is a ransomware-type program that encrypts data and demands a ransom for the decryption. On our testing system, this malware encrypted files and add
Our researchers discovered nummusely[.]com while browsing suspicious sites. After examining this rogue webpage, we learned that it endorses browser notification spam and generates redirects to various (likely unreliable/malicious) websites. Most visitors to pages like nummusely[.]com enter them th