During a routine inspection of untrustworthy websites, our researchers discovered the yourdesktopdefence[.]com webpage. It promotes scam content, pushes spam browser notifications, and redirects visitors to other (likely unreliable/malicious) sites. Most users enter yourdesktopdefence[.]com and s
While researching dubious download pages, we discovered the flow dark browser extension, which promises to enable dark mode for simple design websites. After analyzing this extension, we determined that this piece of software operates as a browser hijacker that promotes the getsins.com fake search
While inspecting "cracked" software download websites, our research team discovered the "3N7gh7mg4hyxnwGTFUpjHfpZh154Eu7rYD" malware. Malicious programs within this classification are also known as clipboard hijackers, as they are designed to change the data copied into the infected system's clipb
Dating-point[.]top is a deceptive website designed to trick visitors into allowing it to show notifications. Our team has discovered dating-point[.]top while examining other shady websites (e.g., illegal movie streaming, torrent sites) that use questionable advertising networks. It is very uncommo
We have discovered the exclusivedealsfinder[.]com website while inspecting other pages that use rogue advertising networks. Exclusivedealsfinder[.]com runs a fake endorsement for a CBD company and asks for permission to show notifications. It is strongly advisable not to trust this site or agree t
We have examined this email and found that the cybercriminals behind it attempt to trick recipients into executing a malicious file extracted from the attached file. It is disguised as a letter from DHL (a legitimate logistics company) regarding shipping documents that require review. Cybe
SMSSpy refers to a piece of malicious software masquerading as various applications of legitimate e-commerce platforms. This malware aims to obtain victims' online banking credentials and thus gain access to the funds stored in the accounts. At the time we researched SMSSpy, it targeted Malaysian
Sapphire is the name of a cryptocurrency miner. This malware is sold in hacker forums for 75 euros. Sapphire can mine XMR (Monero), ERGO, ETC (Ethereum Classic), and ETH (Ethereum) cryptocurrencies. Additionally, this miner can avoid being detected by Windows Defender, hide from Task Manager and
During a routine inspection of VirusTotal submissions, our research team discovered yet another ransomware-type program belonging to the Djvu family. The program in question is named - Ghas. Once launched onto our test machine, this ransomware began encrypting files and appending their filenames
We have discovered MATILAN while inspecting malware samples submitted to VirusTotal. It was found that MATILAN is ransomware designed to encrypt files, append the ".MATILAN" extension to filenames, and generate three ransom notes. Before logging into Windows, a ransom note appears on a black scre