Seidr is a stealer-type malware written in the C++ programming language. This malicious program is designed to steal data from infected devices. Seidr targets a variety of sensitive information, including saved log-in credentials and cryptocurrency wallets. Additionally, Seidr can function as a ke
AwSpy is the name of a malicious program targeting Android operating systems. It is classed as spyware; software within this class is designed to stealthily record and exfiltrate content from devices. AwSpy has been observed targeting users in South Korea. AwSpy has been noted infiltrating
While browsing submissions to the VirusTotal site, our researchers discovered Ztax ransomware. This malicious program is part of the Dharma ransomware family. On our test machine, Ztax encrypted files and altered their filenames. Original titles were appended with a unique ID assigned to the vict
Our researchers discovered the karakorampeak[.]top rogue page while investigating dubious websites. Upon inspection, we learned that this webpage promotes spam browser notifications and causes redirects to other (likely unreliable/hazardous) websites. The majority of visitors to karakorampeak[.]t
Our researchers discovered NK – a ransomware-type program based on Chaos – while reviewing file submissions to the VirusTotal platform. Ransomware is designed to encrypt files and demand ransoms for the decryption. After we launched a sample of NK on our testing machine, it encrypted files and ap
SwiftSeek is a browser hijacker. Our researchers found this extension in an installer promoted by a deceptive page, which was discovered during a routine investigation of suspicious websites. Browser hijackers operate by making changes to browser settings to endorse (via redirects) fake search en
Opalarmes2[.]space is a rogue webpage that promotes dubious content and browser notification spam. It can also generate redirects landing on different (likely unreliable/dangerous) sites. Most visitors to pages of this kind access them through redirects caused by sites using rogue advertising net
Our researchers discovered diteringion[.]com while browsing dubious websites. This rogue page is designed to promote browser notification spam and redirect users to different (likely untrustworthy/dangerous) sites. The majority of visitors to diteringion[.]com and similar webpages access them via
Upon examining the "Join Zoom Meeting" email, we determined that it is spam. Presented as an invite to a Zoom videotelephony meeting, this fake message seeks to lure recipients into visiting a phishing website that targets account log-in credentials. It must be stressed that this email is fraudul
Bellpepa.co[.]in is a rogue page discovered by our researchers during a routine inspection of suspect websites. Upon investigation, we determined that this webpage promotes browser notification spam and generates redirects to different (likely untrustworthy/hazardous) sites. Most visitors enter b