While investigating dubious websites, our researchers found the TjboApp PUA (Potentially Unwanted Application). Software within this category usually possesses undesirable or harmful capabilities. PUAs tend to infiltrate systems in bundles (i.e., packed together with other suspect software). This
Orbit is ransomware that our team discovered while inspecting samples submitted to VirusTotal. This ransomware encrypts and renames files (it appends a string of random characters, likely the victim's ID, and the ".orbit" extension). Also, Orbit generates a ransom note, the "README.TXT" file. An
Our researchers discovered nexaapptwp[.]com during a routine inspection of untrustworthy websites. After examining it, we determined that this rogue webpage is designed to promote browser notification spam and redirect users to different (likely unreliable/harmful) sites. The majority of visitors
Our research team discovered retrioni[.]net while browsing dubious sites. After investigating this rogue page, we determined that it tricks users into allowing browser notification delivery. Additionally, retrioni[.]net can redirect users to other (likely dubious/malicious) websites. Most visitor
We have reviewed news-kuxora[.]com and found that it is a misleading web page that uses clickbait to obtain permission to show notifications. Websites of this type cannot be trusted and should be closed. Users who have agreed to receive notifications from news-kuxora[.]com should remove the permis
After reviewing the email, we've concluded it's a lottery scam. Scammers usually send such emails to trick recipients into providing them with personal information and (or) sending money. There are no real prizes in such scams, so recipients should ignore them. This email claims that the r
Upon reading the "Trustworthy Foreign Partner" email, we determined that it is spam. The letter is presented as a partnership proposal, wherein the recipient will be transferred the sender's funds. The nonexistent assets are worth millions, and the recipient will be able to keep 35%. It must be s
Waltuhium is the name of an information stealer. This malware is designed to extract and exfiltrate a variety of vulnerable data from compromised devices. Waltuhium targets passwords, cryptocurrency wallets, and other sensitive information. This stealer has been observed being freely distributed t
Frutiadsstudio[.]com is a rogue page designed to promote spam browser notifications and redirect visitors to other (likely untrustworthy/hazardous) websites. Most visitors enter frutiadsstudio[.]com and similar webpages via redirects generated by sites using rogue advertising networks. Alternativ
Foodisgood.xyz is a fake search engine that we found while inspecting the FoodIsGood Default Search browser hijacker. This extension makes changes to browser settings in order to promote (via redirects) the foodisgood.xyz webpage. Browser-hijacking software modifies browser settings (e.g.,