Our examination of the page (galaxyfoxclaim.pages[.]dev) has shown that it is a fraudulent website mimicking the Galaxy Fox platform (galaxyfox[.]io). Scammers behind this fake web page aim to trick unsuspecting individuals into taking actions that would cause them financial losses. Thus, this sit
Upon inspection of a browser extension called "A cool tab", we determined that it is a browser hijacker. The extension modifies browser settings to generate redirects that land on the search.mycooltab.com fake search engine. Typically, browser-hijacking software makes changes to browsers'
This fake "Department Of Treasury - Compensation Funds" email promises recipients eight million dollars and a new car in compensation. The purpose of this spam mail is to collect personally identifiable information. However, the scammers behind this phishing campaign might also seek to deceive rec
Csharp-Streamer is a RAT (Remote Access Trojan) that has been around since at least 2020. There are multiple versions of this malware, and evidence suggests that Csharp-Streamer is modular. RATs enable remote access and control over infected devices. Csharp-Streamer has been utilized in numerous
Our researchers found DeviceControl while browsing new file submissions to the VirusTotal site. Upon inspection, we learned that this application is adware from the AdLoad malware family. DeviceControl operates by running intrusive advertisement campaigns. Adware is designed to generate
Our researchers discovered the BasicDisplay adware while browsing file submissions to the VirusTotal website. After examining this application, we determined that it is part of the AdLoad malware family. Advertising-supported software (adware) is designed to generate revenue for its developers t
DataDestroyer is ransomware that our team discovered while examining malware samples submitted to VirusTotal. This ransomware is based on Chaos. Upon infiltration, it encrypts files and appends the ".destroyer" extension to filenames. Also, DataDestroyer creates a ransom note ("note.txt" file). A
The website in question – nhereugo.com – is a fake search engine. Sites within this classification cannot provide search results and redirect to legitimate Internet search websites. Nhereugo.com is no exception. Additionally, fraudulent search engines tend to collect information about their visit
During our examination of a dubious web page offering pirated content, we discovered the AERO Sample program. Upon installing it, we found that it had no clear purpose or functionality. This suggests that the program may be designed for malicious intent. Therefore, it is advisable to avoid program
After reading the "You Are One Of A Kind" email, we determined that it is spam. Upon inspection, we determined that this letter is promoting a sextortion scam. The email falsely claims that the sender infected the recipient's devices, obtained vulnerable data, and recorded a sexually explicit vide