Marcher is a banking trojan targeting Android devices. This malware is multi-functional and its primary goal to acquire banking and other finance-related information. Marcher has been around since at least 2013 and has undergone changes throughout the years. Upon installation, Marcher requ
Modefender[.]xyz is the address of a rogue webpage that promotes browser notification spam and redirects users to other (likely unreliable/dangerous) sites. At the time of research, this page used a CAPTCHA-themed lure. Most visitors access webpages of this kind via redirects caused by websites t
Our researchers discovered libruies[.]com while investigating dubious websites. Upon examination, we learned that this rogue webpage endorses browser notification spam and redirects users to different (likely untrustworthy/harmful) sites. The majority of visitors to libruies[.]com and analogous p
Vgod is ransomware designed to encrypt files and append the ".Vgod" extension to them. Also, it changes the desktop wallpaper and provides a ransom note named "Decryption Instructions.txt". Cybercriminals behind Vgod use the malware to extort money from victims. An example of how Vgod renames fil
FrigidStealer is a malware targeting Mac operating systems. This malicious program is classed as a stealer, and as the classification implies – it is designed to steal sensitive information. FrigidStealer has been observed being spread via Web inject campaigns that redirect users to dedicated we
Zhong Stealer is a piece of malware that infects Windows systems, stays active, and steals sensitive data while avoiding detection. It uses various tricks to remain hidden, gather information, and keep control of the infected system. If the system is compromised, Zhong Stealer should be removed as
In our analysis, we found that getelltheprecise[.]org, if allowed, can send unwanted notifications. The site uses clickbait to obtain permission to send them. Web pages like getelltheprecise[.]org should not be permitted to show notifications to avoid scams, unwanted downloads, and other threats.
While browsing suspect sites, our researchers found the jiilyis[.]info rogue page. It promotes online scams and browser notification spam. Additionally, jiilyis[.]info can redirect users to other (likely untrustworthy/dangerous) websites. Jiilyis[.]info and similar webpages are primarily accessed
We have examined bonalable[.]com and found that its purpose is to deceive visitors into granting it permission to send notifications. If this permission is given, bonalable[.]com can show fake warnings and other deceptive notifications. Thus, bonalable[.]com and similar sites should be avoided.
Our researchers discovered the CipherLocker ransomware while investigating new submissions to the VirusTotal platform. After we executed a sample of this malicious program on our test machine, it encrypted files and added a ".clocker" extension to their names. An original filename such as "1.jpg"