BingoMod is a remote access trojan (RAT) targeting Android users. Once infiltrated, RATs allow cybercriminals to perform various actions on the compromised devices (they grant attackers the ability to remotely control infected devices). BingoMod is primarily used to make unauthorized money transfe
During our inspection of the email, we uncovered that it is a phishing email. This email is disguised as a notification of grant donation. The purpose of this scam email is to trick recipients into disclosing personal information and (or) transferring money. Recipients should ignore this email to
Our researchers found icekrussoop[.]com while browsing suspect websites. This rogue page is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/hazardous) sites. Most users enter webpages like icekrussoop[.]com via redirects caused by websites utilizi
"Saudi Aramco email scam" refers to spam campaigns impersonating business offers from Saudi Aramco. We investigated four email variants distributed through said campaigns. However, this is a longstanding scam with many email versions. It must be emphasized that these spam emails are not associate
After inspecting this "Mitsubishi Corp." email, we determined that it is spam. The fake message impersonates an order inquiry from "Mitsubishi Corporation USA". This scam can operate in a variety of ways, most likely by targeting sensitive information or victims' funds directly. It must be emphas
Cash is a ransomware-type program developed by the same threat actor behind Cash RAT (Remote Access Trojan) and MintStealer. Ransomware is designed to encrypt data and demand payment for the decryption. After executing a sample of Cash on our test machine, we learned that it appends the filenames
Cash is the name of a Remote Access Trojan (RAT). Malware within this classification is designed to allow remote access and control over compromised machines. This trojan was first observed in 2022, with its latest version emerging in the spring of 2024. The initial variant of Cash had significant
DeerStealer is an information stealer distributed via the Google search engine through fake Google ads. Cybercriminals target users by presenting malicious ads that appear legitimate, tricking them into downloading the stealer. Once on the victim's machine, DeerStealer can harvest sensitive inform
During our examination of searchresultsadblocker.com, we found that it is a fake search engine promoted via a browser hijacker (an unwanted extension). Typically, users add extensions promoting addresses like searchresultsadblocker.com unintentionally. It is important for users to be cautious of s
News-xofapi[.]com is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. After reviewing this page, we learned that it endorses browser notification spam and redirects users to other (likely untrustworthy/malicious) websites. Visitors primarily access we