GoBear is a backdoor malware crafted in the Go language and authenticated with a legitimate D2innovation Co.,LTD certificate. This insidious threat operates by executing malicious commands received from a Command and Control (C&C) server. Notably, GoBear enhances its capabilities by integratin
Written in Go language, Troll is a piece of malware that specializes in stealing sensitive information from infected computers. This malware operates through a multi-faceted approach, initially infiltrating systems via a deceptively innocent facade - a dropper masquerading as a benign security pro
"Win32/OfferCore" (or simply "OfferCore") is a generic detection name used by many security vendors to track bundled setups. Basically, bundlers refer to installers containing several pieces of software. Bundled setups may comprise a single legitimate program with untrustworthy additions or only u
Our analysis of the Press-Tab browser extension showed that it promotes press-tab.com by modifying the browser settings, a tactic known as browser hijacking. It is crucial to note that users often unintentionally add extensions like Press-Tab to their browsers. Pretty often, browser hijackers are
Win32/Grenam is the detection name employed by cybersecurity software to pinpoint a hybrid form of malware blending trojan, worm, and virus characteristics. It is important to note that even after successfully detecting and eliminating this specific threat, conducting a comprehensive scan may unco
Upon inspecting the HyperTextCompile application, we found it to possess characteristics typical of ad-supported software. After installation, users may encounter intrusive advertisements designed to promote unreliable websites. Therefore, it is advisable to refrain from installing HyperTextComp
Our research team found the ZenFocusZone browser extension while reviewing suspicious websites. This piece of software alters browser settings in order to promote (through redirects) the zenfocuszone.com fake search engine. Due to this behavior, ZenFocusZone is categorized as a browser hijacker.
After inspecting this Balancer website, we determined that it is fake. It imitates the official platform's site, both its graphics and domain. Once a user tries to interact with the imitator webpage, they are immediately requested to connect their digital wallet – and by doing so, they will inadve
B - Vegan is a rogue browser extension discovered by our researchers during a routine investigation of deceptive sites. After analyzing this extension, we determined that it is a browser hijacker. B - Vegan makes changes to browser settings in order to endorse (via redirects) the b-vegan.net fake
Aesimus, a nefarious variant of the Autolycos malware, wreaks havoc on Android users. Cybercriminals employ deceptive tactics, camouflaging Aesimus within seemingly innocuous creativity applications to lure users. Once infiltrated, this insidious software triggers premium service purchases, inflic