Can stealer is a malicious program designed to extract sensitive information from infected systems. It targets a variety of data but there's a particular focus on log-in credentials (usernames/passwords). According to Can stealer's promotional material, it has anti-analysis capabilities, s
Our researchers discovered the efgrghhindhimi[.]info rogue page during a routine inspection of dubious websites. After examining this webpage, we determined that it promotes spam browser notifications and generates redirects to different (likely unreliable/hazardous) sites. Efgrghhindhimi[.]info
SambaSpy is a remote access Trojan (RAT), a type of malware that cybercriminals often use to steal information and (or) distribute additional malware. Threat actors have been observed distributing SambaSpy via email. Interestingly, they target Italian users only. However, the attackers may broaden
Our research team discovered forenteion[.]com while browsing suspicious websites. After analyzing this rogue page, we learned that it promotes dubious content and browser notification spam. Forenteion[.]com can also redirect users to other (likely untrustworthy/dangerous) sites. Most visitors to
We have classified JoopApp as an unwanted application because at least one security vendor flags its installer as malicious on VirusTotal. Having apps like JoopApp installed on computers can pose security and privacy risks. Thus, users are advised not to install and remove such apps if they are al
While inspecting untrustworthy sites, our researchers discovered fondsmoney[.]com. This rogue webpage promotes browser notification spam and produces redirects to other (likely unreliable/malicious) websites. Most visitors to fondsmoney[.]com and similar pages access them through redirects caused
Bnfgnbheavynuo[.]info is a rogue page promoting browser notification spam and redirecting visitors to other (likely dubious/malicious) websites. Our researchers discovered this webpage while inspecting a Torrenting site that uses rogue advertising networks. In fact, redirects generated by website
During our inspection of donthiter[.]com, we found that it uses a deceptive tactic to obtain visitors' permission to send them notifications. Typically, sites like donthiter[.]com deliver unreliable notifications. Thus, users are highly advised not to permit donthiter[.]com to send notifications.
Our researchers found the betterconnection.co[.]in rogue page while investigating suspect websites. Upon examination, we learned that this webpage promotes browser notification spam and redirects visitors to different (likely unreliable/dangerous) sites. Users most commonly enter pages like bette
While reviewing new malware submissions to the VirusTotal platform, our research team discovered the Mqpoa ransomware. This program encrypts data and demands payment for its decryption. On our testing system, Mqpoa encrypted files and renamed them. Original filenames are changed to a random chara