Our researchers found HandlerRecord – a rogue app – during a routine investigation of new file submissions to the VirusTotal site. Upon analysis, it was determined that this application is adware from the AdLoad malware family. Advertising-supported software is designed to feed users unwanted an
Our research team discovered the avirabot[.]online rogue page while browsing untrustworthy websites. It promotes scams and browser notification spam. Additionally, this webpage can redirect users elsewhere (likely unreliable/dangerous sites). The majority of visitors to pages like avirabot[.]onli
After inspecting the "Phone Number Was Added To Your Account" email, we determined that it is spam. The fake message attempts to imply that the security of the recipient's email account has been compromised. The goal is to get them to disclose their account log-in credentials (password) to a phish
"Password Nearing Expiration" is a phishing email. This spam message claims that the recipients' email account passwords are going to expire soon. Recipients are urged to authenticate the accounts to avoid losing access; thus, they are lured into disclosing their email log-in credentials (password
Our examination of sechunsaisir[.]com has shown that this is a misleading website designed to trick visitors into allowing it to show notifications. Sechunsaisir[.]com uses clickbait to achieve this. Thus, users should not visit such pages or permit them to send notifications to avoid exposure to
During our inspection of the email, we found it to be a phishing attempt. The purpose of this email is to trick the recipient into believing they have received a letter regarding a purchase order and providing personal information. Recipients should ignore this email (not provide any requested det
Mandrake is a spyware targeting Android devices. Malicious software within this classification is designed to steal and record victims' information. One of the primary goals of Mandrake is to acquire log-in credentials. This malware has been around since at least 2016. Multiple variants of Mandra
Our analysis of the Funny Tool Redirect extension has shown that it is designed to redirect users to google.com in a specific circumstance. We also found that Funny Tool Redirect is distributed via malicious installers. Therefore, users should avoid adding Funny Tool Redirect to browsers and remov
Cronus is malware that operates as ransomware. We discovered it while examining samples uploaded to VirusTotal. During our inspection, Cronus encrypted files and replaced their extensions with five random characters. It also changed the desktop wallpaper and provided a ransom note ("cronus.txt").
After inspecting the "Messages Have Been Temporarily Held" email, we determined that it is spam. This phishing letter claims multiple messages were withheld from reaching the recipient's inbox. The spam mail lures victims into disclosing their email account log-in credentials under the guise of a