After inspecting the "Samples Of The Product" email, we determined that it is spam. It is presented as a potential purchase order. The spam mail enticed recipients into visiting a phishing website that targets their email account log-in credentials. It must be stressed that the information in thi
Miwgh.co[.]in is a rogue webpage that is designed to promote browser notification spam and redirect visitors to different (likely dubious/malicious) websites. The majority of users access pages like this via redirects caused by sites that utilize rogue advertising networks. Our research team disc
Octo2 is a new version of the Octo banking Trojan targeting Android users. Compared to the old version, the Octo2 includes improved RAT capabilities and anti-analysis and anti-detection techniques. If there is a reason to suspect that a device is infected with Octo2, a scan using a reputable secur
Our inspection of the site (claim-wallstreetmemes.pages[.]dev) has shown that it is one of the scams involving fraudulent offers to participate in an airdrop (cryptocurrency giveaway). The scammers behind these scams aim to trick individuals into taking actions that can result in huge financial lo
While investigating deceptive sites, our researchers discovered the "Claim $REZ" scam. It was endorsed on renzoprotocal.pages[.]dev, but it could be hosted elsewhere. The scheme is presented as an airdrop. However, this "Claim $REZ" page functions as a cryptocurrency drainer. Victims of this scam
Vilsa is a malicious program classed as a stealer. As the class implies, this malware is designed to extract and exfiltrate vulnerable data from compromised machines. Most stealers target log-in credentials (usernames/passwords) of various accounts, personally identifiable information, and finance
Crystal Rans0m is ransomware developed in Rust programming language. During our analysis, we noticed that it not only encrypts files but also steals information. Unlike most ransomware variants, Crystal Rans0m does not append any extension to the encrypted files. The ransom note provided by this r
Our researchers discovered ladsmusic[.]com while browsing suspicious websites. This rogue page promotes spam browser notifications and redirects users to other (likely unreliable/hazardous) sites. The majority of visitors to ladsmusic[.]com and webpages akin to it access them through redirects ge
Zinionifeish[.]com is a rogue webpage found by our research team during a routine investigation of untrustworthy sites. Upon examination, we determined that this page promotes browser notification spam and redirects users to different (likely dubious/malicious) websites. Most visitors enter webpa
Our inspection of the "Internet Bank System" email revealed that it is spam. It notifies about a received payment. The goal of this spam mail is to lure recipients into visiting a phishing website that targets email account log-in credentials (passwords). The spam email with the subject "D