During a routine inspection of suspicious webpages, our research team discovered elidesmail[.]com. After examining this rogue page, we determined that it promotes spam browser notifications and generates redirects to different (likely untrustworthy/hazardous) sites. Most visitors access elidesmai
Streamcurrentoverlythe-file[.]top is the address of a rogue webpage. Upon examination, we learned that this page endorses browser notification spam and generates redirects to other (likely dubious/dangerous) websites. The majority of visitors to such webpages access them via redirects caused by s
Our research team discovered the elideshub[.]com rogue page during a routine investigation of dubious websites. After inspecting this webpage, we determined that it promotes browser notification spam and redirects visitors to other (likely unreliable/hazardous) sites. Users primarily access pages
TRUST FILES is a ransomware-type program. Software within this classification is designed to encrypt data and demand payment for the decryption. On our test machine, TRUST FILES encrypted files and altered their names. Original filenames were appended with a unique ID assigned to the victim, the
RevC2 is backdoor malware delivered by cybercriminals through Venom Spider malware-as-a-service (MaaS) tools. It can steal sensitive information and enable remote code execution (RCE). The exact method of distribution for RevC2 is currently unknown. Threat actors were observed using the same MaaS
Venom Loader is a newly identified malware loader developed by the threat actor group known as Venom Spider. This loader is part of a broader malware-as-a-service (MaaS) operation, which also includes another malware, a backdoor known as RevC2. Venom Loader encodes its payload uniquely for each ta
Monokle is a spyware-type program that targets Android devices. It is capable of extracting extensive geolocation data, recording calls, reading messages, exfiltrating files, and performing other malicious activities. This malware was discovered on a device returned to its owner after it was seiz
We have inspected vidstreambox[.]com and found that it is an unreliable website designed to trick visitors into agreeing to receive its notifications. Vidstreambox[.]com uses clickbait to obtain permission to show notifications. Users should be careful when encountering sites like vidstreambox[.]c
Our analysis of the email reveals that it is a fraudulent notification about an unprocessed payment. The purpose of this scam is to deceive recipients into visiting the provided webpage and revealing personal information. It is strongly advisable to disregard this email and avoid engaging with its
Our discovery of Termite occurred while examining malware samples submitted to VirusTotal. We found that Termite is ransomware belonging to the Babuk family. Once the system is infected with Termite, the malware encrypts files, appends the ".termite" extension to filenames, and creates a ransom no