Waltuhium is the name of an information stealer. This malware is designed to extract and exfiltrate a variety of vulnerable data from compromised devices. Waltuhium targets passwords, cryptocurrency wallets, and other sensitive information. This stealer has been observed being freely distributed t
Frutiadsstudio[.]com is a rogue page designed to promote spam browser notifications and redirect visitors to other (likely untrustworthy/hazardous) websites. Most visitors enter frutiadsstudio[.]com and similar webpages via redirects generated by sites using rogue advertising networks. Alternativ
Foodisgood.xyz is a fake search engine that we found while inspecting the FoodIsGood Default Search browser hijacker. This extension makes changes to browser settings in order to promote (via redirects) the foodisgood.xyz webpage. Browser-hijacking software modifies browser settings (e.g.,
We have examined this email and found that it is a scam commonly known as an advance-fee scam. Scammers behind such schemes usually aim to trick unsuspecting individuals into transferring money or providing sensitive information. Either way, scam emails should be ignored. This scam email c
While investigating questionable websites, our research team found multipleday[.]com. After examining this rogue page, we learned that it is designed to promote browser notification spam and redirect users to different (likely unreliable/harmful) sites. Most visitors access webpages like multipled
Our team has inspected webbearsearch.com and found that it is a fake search engine. This fake search engine is promoted via a browser hijacker, an extension known as Web Bear Search. It is highly recommended to avoid visiting/using search engines like webbearsearch.com, especially those promoted v
While reviewing new submissions to the VirusTotal website, our research team discovered the Anonymous Encryptor malicious program. After analyzing this malware, we determined that it is identical to two ransomware-type programs – GhosHacker and BlackSkull. Anonymous Encryptor ransomware encrypts
Our analysis of froommixoria[.]com has uncovered that it is a deceptive website designed to deceive unsuspecting visitors into agreeing to receive notifications from the site. Notifications from websites like froommixoria[.]com are not reliable. Therefore, such pages should not be permitted to sen
While investigating suspicious websites, our researchers discovered the doidacers[.]com rogue page. It operates by promoting browser notification spam and redirecting users to other (likely dubious/dangerous) sites. Webpages like doidacers[.]com are most often accessed through redirects generated
During our analysis of samples uploaded to the VirusTotal page, we discovered a ransomware variant belonging to the Djvu family known as Watz. This variant encrypts files and adds its extension (".watz") to filename. For instance, it changes "1.jpg" to "1.jpg.watz" and "2.png" to "2.png.watz". Als