Antivirus by FSB is an advanced backdoor that compromises Android devices. Threat actors have deployed it in campaigns targeting Russian business representatives. Its functionality includes the execution of various malicious commands. If detected on a device, the malware should be removed immediat
Kelpmetoreali[.]com is a rogue webpage discovered by our research team during a routine investigation of suspicious sites. After examining this page, we determined that it promotes dubious content and browser notification spam. It can also redirect users to other (likely unreliable/malicious) webs
While investigating untrustworthy sites, our researchers discovered the jpadsnow[.]com rogue webpage. It operates by endorsing browser notification spam and generates redirects to different (likely unreliable/hazardous) websites. Jpadsnow[.]com and similar pages are primarily accessed through redi
We have examined knobd[.]com and concluded that its purpose is to deceive visitors into taking actions allowing the site to show notifications. Once permitted, knobd[.]com can display annoying and often misleading notifications. Clicking the links in such notifications can expose users to privacy
KillBack is ransomware that our team discovered while examining samples submitted to VirusTotal. Upon execution, KillBack encrypts data, appends the victim's ID and ".killback" extension to files, and creates a ransom note ("README.TXT"). An example of how the malware modifies filenames: It chang
Our research team found this fake "Brian" airdrop while browsing suspicious sites. Upon examination, we learned that this scam operates as a cryptocurrency drainer. Essentially, it aims to steal digital assets from exposed cryptocurrency wallets. It must be stressed that this bogus airdrop is not
Our team has examined the email and concluded that it is a scam. The message is disguised as a notification from UPS (a legitimate global shipping and logistics company). It is crafted to deceive recipients into sending money and (or) information to scammers. Recipients of this email should ignore
Our researchers found this fake "BabyDoge" website (babydogoswap[.]com; other domains may exist) during a routine investigation. The purpose of this page is to deceive users into connecting their digital wallets to a cryptocurrency drainer. It must be emphasized that this scam is in no way associa
While inspecting dubious websites, our researchers discovered jpadsnetwork[.]com. This rogue page is designed to endorse browser notification spam and generate redirects to different (likely unreliable/hazardous) sites. Jpadsnetwork[.]com and similar webpages are primarily accessed via redirects c
Jpadscity[.]com is a rogue webpage discovered by our researchers during a routine investigation. Upon examination, we learned that this page promotes browser notification spam and redirects users to other (likely suspicious/dangerous) sites. Most visitors to jpadscity[.]com and similar webpages a