NoviSpy is a malicious program targeting Android devices. It is classed as spyware – a type of malware designed for stealthy surveillance and data theft. NoviSpy activity has been associated with the Serbian Security Intelligence Agency (BIA). During the last several years, this spyware has been
We have reviewed pectorsed[.]com and concluded that it is an unreliable web page created to lure visitors into granting it permission to show notifications. Moreover, if the site has permission to send notifications, it bombards users with fake alerts and other messages. Overall, pectorsed[.]com c
Our analysis of grimpoaltoumpa[.]com reveals that it uses deceptive tactics to trick users into granting notification permissions. Once allowed, it can deliver fake and misleading notifications, often promoting potentially harmful websites. Therefore, grimpoaltoumpa[.]com is unreliable and should
Our research team discovered the unlockcontent[.]org rogue page during a routine inspection of suspicious websites. Upon investigation, we determined that this webpage endorses browser notification spam and generates redirects to different (likely unreliable/malicious) sites. The majority of visi
WmRAT is malware that functions as a standard Remote Access Trojan (RAT). This RAT is written in C++ and can perform multiple malicious activities. WmRAT was observed being used by cybercriminals to target government, energy, telecom, defense, and engineering sectors in Europe, the Middle East, Af
Our research team found the contus[.]sbs rogue page while investigating untrustworthy websites. This page promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Contus[.]sbs and analogous webpages are primarily accessed through redirects produced by webs
MiyaRAT is a Remote Access Trojan written in the C++ programming language. It is capable of taking screenshots, enumerating files, executing commands, and more. MiyaRAT is known to be used by a specific group of cybercriminals to target the government, energy, telecommunications, defense, and engi
Our researchers discovered Novalock while reviewing new submissions to the VirusTotal website. This malicious program is part of the GlobeImposter ransomware family. Novalock encrypts files and demands payment for the decryption. On our test machine, this ransomware encrypted files and appended t
We have reviewed the email and determined that its goal is to harvest information from recipients. The email is disguised as a fraudulent activity alert notice from Webmail. The scammers behind this email aim to trick recipients into opening the included website to steal their details. Users shoul
CoinLurker is a stealer-type malware. Programs within this classification are designed to extract sensitive data from infected systems. CoinLurker is a targeted stealer that seeks information related to cryptocurrency wallets. CoinLurker is a stealer with significant anti-detection capabil