DroidBot is a Remote Access Trojan (RAT) targeting Android users. It can monitor user interface, log keystrokes, and perform hidden VNC and overlay attacks. It employs dual-channel communication, sending data via MQTT and receiving commands over HTTPS for improved flexibility and resilience.
After examining the "Procedure To Update And Keep Your Email Password" message, we determined that it is spam. It claims that the recipient's account password will expire soon and must be updated. The goal of this spam mail is to lure users into visiting a phishing website that targets email log-i
Our researchers discovered the AllCiphered ransomware while reviewing new file submissions to the VirusTotal platform. This program is part of the MedusaLocker ransomware family. Malware within this classification encrypts data and demands payment for the decryption. On our testing system, AllCip
Overedishlear[.]com is a rogue webpage discovered by our researchers during a routine investigation of untrustworthy sites. Upon inspection, we determined that this page promotes spam browser notifications and redirects users to different (likely questionable/malicious) websites. Most visitors en
While inspecting suspicious websites, our researchers found the alertsphere[.]top rogue page. It operates by promoting browser notification spam and generating redirects to different (likely unreliable/dangerous) sites. Users primarily access webpages like alertsphere[.]top through redirects caus
Zephyr Miner is a piece of malicious software classified as a cryptocurrency miner. This malware is designed to mine (i.e., generate) the Zephyr (ZEPH) cryptocurrency for the attackers. Zephyr Miner is a sophisticated cryptominer that exhibits anti-detection and persistence-ensuring capabilities.
SMOK is a malicious program within the ransomware category. Malware of this kind encrypts data in order to demand payment for the decryption. Many ransomware-type programs also rename the encrypted files. There are several variants of SMOK. This program appends the filenames of affected files wit
While browsing suspicious websites, our research discovered this "SyncAI Wallet Connection" scam on blockchainmiddleware.pages[.]dev (note that it could be hosted elsewhere). It imitates the SyncAI platform (syncai.network), yet the scheme bears no association with it or any other existing projec
Our inspection of watchgreatlyquickthe-file[.]top has shown that this website cannot be trusted. It presents misleading content to deceive visitors into agreeing to receive its notifications. If allowed, watchgreatlyquickthe-file[.]top can bombard users with fake and annoying warnings, alerts, off
AdBlocker Professional is promoted as a tool that blocks intrusive advertisements, enhances browsing peed, and improves online privacy. However, during our analysis, we found that AdBlocker Professional can display unwanted ads. Therefore, our team classified the AdBlocker Professional extension a