NewEngine is a rogue browser extension discovered by our research team when analyzing the installation setup for NeverSleep PUA. Upon examination, we determined that NewEngine is a browser hijacker. It modifies browsers to promote (via redirects) the search-secured.com fake search engine.
While browsing deceptive websites, our research team discovered a page endorsing the NeverSleep app. It is presented as a tool for preventing computers from entering sleep mode. Upon inspection, we determined that NeverSleep is a PUA (Potentially Unwanted Application). Software within this classi
Our research team discovered the "Verify You Are A Human" scam while investigating untrustworthy sites. It is essentially fake CAPTCHA authentication. This scheme is part of the ClickFix campaign and lures users into downloading/installing the Lumma stealer. However, this scam and others that use
Spy.Banker is a piece of malicious software that targets Android and iOS devices. It is capable of creating app imitations through PWAs (Progressive Web Applications) or WebAPKs; the latter is an Android-only feature wherein Google Chrome automatically generates an APK (referred to as WebAPK). At
We have inspected this scam and found that its purpose is to trick users into believing that their antivirus protection has expired. Typically, scammers use such scams to extract money or personal information from unsuspecting individuals. Thus, it is highly recommended not to interact with websit
Cthulhu is an information stealer written in the the Go programming language and designed to appear as a legitimate application. Its primary purpose is to extract credentials and cryptocurrency wallets from various stores and game accounts. The stealer seems to be available for rent to individua
Hunforandiogs[.]com is a rogue page that promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) websites. Webpages like hunforandiogs[.]com are most often accessed via redirects caused by sites utilizing rogue advertising networks. Our research team disco
After inspecting the "IMAP/POP3 TIME-OUT" email, we determined that it is spam. The message falsely claims that the recipient's email service has been temporarily restricted due to an error. This lure is used to deceive recipients into disclosing their email account log-in credentials to a phishin
Our analysis of protectkingdom[.]com has shown that it is a misleading website created to trick visitors into permitting it to send notifications. Protectkingdom[.]com and similar sites should not be allowed to show notifications, as their notifications often are fraudulent. It is worth noting tha
We have inspected this email and determined that it is a scam. The purpose of this scam email is to extract personal information and (or) money from recipients. Whoever receives such emails should ignore them and never provide any information or take other actions. This scam email claims t