After inspecting the "Operating System Was Compromised Under My Direction" email, we determined that it is spam. This fake letter promotes a sextortion scam. The goal is to trick recipients into paying a ransom to prevent a hacker from leaking compromising footage and other personal data. It must
While investigating dubious websites, our research team discovered the news-fujopo[.]cc rogue page. It operates by promoting browser notification spam and redirecting visitors to different (likely untrustworthy/dangerous) sites. Most users access webpages like news-fujopo[.]cc via redirects gener
While delving into the NetField app, we stumbled upon the realization that it is an advertising-supported app (adware). The purpose of NetField is to display various (mostly annoying) online advertisements. It is uncommon for apps of this type to be installed by users intentionally. NetField and
Brook is a Remote Administration Trojan (RAT) built using the versatile Go programming language. It is a sophisticated tool with the added capability of extracting sensitive information. This combination of stealth and power makes Brook a formidable threat in the realm of cybersecurity, capable of
XSSLite is an information stealer. It was developed as part of a monetary prize-driven competition held on a Russian hacker forum. There are several variants of this malware; the original version written in the C# programming language was made available for free by the developers, while another va
44Caliber is a notorious information stealer malware known for its sophisticated capabilities. Information stealers are malicious programs designed to covertly extract sensitive data from infected devices (e.g., login credentials, financial information, and personal documents). Thus, users who hav
Our researchers discovered mtxadvert[.]com while investigating suspicious websites. Upon inspection, we determined that this rogue webpage promotes browser notification spam and redirects users to other (likely dubious or malicious) sites. Most visitors to mtxadvert[.]com and pages akin to it acc
During our analysis of the goabeefoad[.]com website, we discovered its utilization of deceptive tactics, specifically clickbait, aimed at enticing unaware visitors to consent to receive notifications. Numerous comparable pages to goabeefoad[.]com exist, and it is essential to highlight that users
In our examination of the bemadsonline[.]com page, we found that it uses a deceptive method (clickbait) to lure unsuspecting visitors into agreeing to receive its notifications. There are numerous examples of pages similar to bemadsonline[.]com. It is worth noting that they can redirect users to o
In our examination of the Fast Cars browser extension, we have noted that it alters browser settings to favor a particular address, a behavior commonly referred to as browser hijacking. Users should avoid adding browser hijackers to their browsers to mitigate potential complications. Once