Our analysis of the email identified it as a fake notification posing as a letter from WeTransfer, a Dutch internet-based file transfer service company. The email is designed to deceive recipients into divulging personal information, a tactic commonly known as phishing. Emails of this kind should
When examining magmaheartforger[.]top, it was noted that the page uses deceptive methods to trick visitors into allowing it to show notifications. There are at least two versions of magmaheartforger[.], both created for the same purpose. Also, magmaheartforger[.]top may redirect to other unreliabl
Rage (also known as RageStealer, xStealer) is an information-stealing malware. This stealer was previously known as Priv8 until its rebrand – Rage – resurfaced in the summer of 2023. This malicious program is designed to exfiltrate data, predominantly log-in credentials (usernames/passwords).
During our investigation, we discovered that mobilisearch.com is a fake search engine promoted through malicious browser extensions. Typically, users are compelled to utilize such search engines via a technique known as browser hijacking. Trusting mobilisearch.com or applications created to hijack
During our examination, we discovered that ProcesserCache is an undesirable application classified as adware. Apps like ProcesserCache are designed to display intrusive advertisements and may also collect user information. Consequently, it's advisable to avoid trusting ProcesserCache and similar
In our evaluation of samples uploaded to Virustotal, we discovered the JerryRansom ransomware, which is based on the Chaos ransomware. JerryRansom encrypts files, changes the desktop wallpaper, crates a ransom note (the "Read_me.txt" file), and appends four random characters to filenames. For ins
Although Web Ads Filter is marketed as a browser extension for getting rid of offensive advertisements, our examination indicates that it functions as adware. Once added to a web browser and activated, Web Ads Filter inundates users with irritating advertisements that could potentially direct them
Myhotfeed[.]com is the address of a rogue webpage discovered by our research team during a routine investigation of suspect sites. This website endorses browser notification spam and redirects users to different (likely dubious/malicious) pages. Most visitors to webpages like myhotfeed[.]com ente
ChipsOverallKind is a rogue application found by our research team during a routine investigation of new file submissions to the VirusTotal platform. Upon inspection, we determined that this app is adware from the AdLoad malware family. ChipsOverallKind runs intrusive advertisement campaigns an
Wing is the name of a ransomware-type program. This malware is designed to encrypt files and demand ransoms for their recovery (decryption). We have obtained a test sample of this ransomware and executed it on our testing system. The program appended locked files with a ".wing" extension, e.g., a