JinxLoader is a cross-platform loader written in the Go programming language that targets Windows and Linux operating systems. It is designed to create botnets and cause further system infections. JinxLoader has first been observed in the Autumn of 2023. After a suspected code sale to two threat
We have examined the page (rewards.mantleweb3[.]xyz) and learned that it is a scam website. It is designed to appear like the real site (mantle.xyz) and trick users into taking action that could result in cryptocurrency theft. Users should be careful when encountering such pages to avoid monetary
AutoClicker is an application created to automate the clicking of a mouse on a computer screen element. However, we found that it is distributed through torrents and similar channels, and its installer (and the app itself) is flagged as malicious by multiple security vendors. Thus, it is advisable
GhostSpider is an advanced, multi-layered backdoor that can load various modules, each designed for specific tasks or functions. This backdoor has been recently discovered and observed targeting telecommunications companies in Southeast Asia. It operates stealthily, allowing attackers to carry out
Our team has examined oppush[.]space and concluded that this web page cannot be trusted. It displays a deceptive message and requests permission to show notifications that can be used to promote unreliable content. Overall, users should avoid visiting opush[.]space and not allow it to send notific
We have inspected activesafe[.]site and discovered that it displays various fake warnings and requests permission to show notifications. Usually, users who agree to receive notifications from sites like activesafe[.]site are bombarded with annoying and misleading ads and other content. Thus, it is
We have analyzed this email and discovered that it is a fake email server notification containing a link to a phishing website. Scammers behind this fraudulent email seek to extract personal information from recipients. This email should be ignored to avoid potential negative consequences.
Our researchers discovered the Fire Shield Secure Search browser extension while investigating deceptive sites. Its promotional material endorses this software as a tool for protecting users from various online threats. After analyzing this extension, we determined that it is a browser hijacker.
After inspecting this "Full Storage Notification" email, we learned that it is spam. This message falsely claims that the recipient's inbox has reached capacity, which may lead to service interruptions. The purpose of "Full Storage Notification" is to lure recipients into a phishing website that t
Our researchers discovered the news-xgomuvo[.]live rogue page while investigating questionable websites. Upon examination, we learned that it endorses browser notification spam and redirects users to other (likely dubious/dangerous) sites. News-xgomuvo[.]live and analogous webpages are primarily