SambaSpy is a remote access Trojan (RAT), a type of malware that cybercriminals often use to steal information and (or) distribute additional malware. Threat actors have been observed distributing SambaSpy via email. Interestingly, they target Italian users only. However, the attackers may broaden
Our research team discovered forenteion[.]com while browsing suspicious websites. After analyzing this rogue page, we learned that it promotes dubious content and browser notification spam. Forenteion[.]com can also redirect users to other (likely untrustworthy/dangerous) sites. Most visitors to
We have classified JoopApp as an unwanted application because at least one security vendor flags its installer as malicious on VirusTotal. Having apps like JoopApp installed on computers can pose security and privacy risks. Thus, users are advised not to install and remove such apps if they are al
While inspecting untrustworthy sites, our researchers discovered fondsmoney[.]com. This rogue webpage promotes browser notification spam and produces redirects to other (likely unreliable/malicious) websites. Most visitors to fondsmoney[.]com and similar pages access them through redirects caused
Bnfgnbheavynuo[.]info is a rogue page promoting browser notification spam and redirecting visitors to other (likely dubious/malicious) websites. Our researchers discovered this webpage while inspecting a Torrenting site that uses rogue advertising networks. In fact, redirects generated by website
During our inspection of donthiter[.]com, we found that it uses a deceptive tactic to obtain visitors' permission to send them notifications. Typically, sites like donthiter[.]com deliver unreliable notifications. Thus, users are highly advised not to permit donthiter[.]com to send notifications.
Our researchers found the betterconnection.co[.]in rogue page while investigating suspect websites. Upon examination, we learned that this webpage promotes browser notification spam and redirects visitors to different (likely unreliable/dangerous) sites. Users most commonly enter pages like bette
While reviewing new malware submissions to the VirusTotal platform, our research team discovered the Mqpoa ransomware. This program encrypts data and demands payment for its decryption. On our testing system, Mqpoa encrypted files and renamed them. Original filenames are changed to a random chara
During our examination of the buytonelada[.]com web page, we found that it uses clickbait to trick visitors into permitting it to send notifications to their devices. Usually, notifications shown by sites like buytonelada[.]com are deceptive. Therefore, users should never accept notifications from
We have reviewed atradest[.]com and discovered that it uses deceptive content to persuade visitors to agree to receive its notifications. Users should not trust such sites and should avoid permitting them to send notifications. If atradest[.]com has been allowed to show them, this permission shoul