During a routine investigation, our researchers discovered search-crown.com - a fake search engine that is promoted through various browser hijackers and unwanted browser extensions. Users whose browsers are affected by this type of software are redirected to search-crown.com without their consen
While investigating suspicious websites, our research team discovered the underont[.]com rogue page. It uses a fake human verification prompt to trick visitors into allowing browser notifications. Once permission is granted, underont[.]com delivers misleading alerts and advertisements that can exp
Our researchers discovered prozonelarantix.co[.]in while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Prozonelarantix.co[.]in presents visitors
Our researchers discovered nomososkledne[.]com while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Most visitors reach pages like this via redirects cau
OverlayPhantom is an Android banking trojan that targets more than 180 banking, financial, and cryptocurrency applications across ten countries. Once installed, it hides under the name "Google Play Services" and overlays fake login screens on top of real banking apps to steal credentials. OverlayP
BTMOB RAT is an Android Remote Access Trojan sold to cybercriminals under a malware-as-a-service model. It gives attackers broad control over infected devices, including the ability to steal data and spy on victims in real time. According to research by ESET, BTMOB RAT was first documented in Febr
While investigating suspicious websites, our research team discovered the jartibbinght[.]com rogue page. After examining it, we determined that it uses deceptive tactics to trick visitors into enabling browser notifications, and then redirects them to other unreliable or harmful sites. Most visito
Our analysis has revealed that clicksafetychallenge.co[.]in is a rogue page designed to trick visitors into granting it permission to send browser notifications. The site uses a fake CAPTCHA widget as bait. If allowed, it delivers misleading security alerts that can expose users to scams and other
Our analysis has revealed that chonateciae[.]com is a rogue page built to deceive visitors into enabling browser notifications. The site uses a fake robot verification prompt as its lure. Once permission is granted, it delivers misleading alerts and other unwanted notifications that can expose use
After inspecting this email, we determined that it is a phishing scam. It poses as an automated notification from a mailbox service provider, falsely claiming the recipient's account is due for an upgrade. The scammers want users to click through to a fraudulent website and hand over their email l