Upon examination, we determined that the "Confirm Hotel Bank Account" email is malspam. This letter requests the recipient to review the attached receipt to confirm that the correct bank account is indicated in the payment. However, the attachment is intended to infect devices with the XLoader mal
Upon reviewing the email, we have identified it as a fraudulent message generated by cybercriminals impersonating hotel administration or a similar entity. The intent behind this email is to deceive recipients into unwittingly installing and activating malware on their devices. Therefore, recipien
After inspecting the "Operating System Was Compromised Under My Direction" email, we determined that it is spam. This fake letter promotes a sextortion scam. The goal is to trick recipients into paying a ransom to prevent a hacker from leaking compromising footage and other personal data. It must
While investigating dubious websites, our research team discovered the news-fujopo[.]cc rogue page. It operates by promoting browser notification spam and redirecting visitors to different (likely untrustworthy/dangerous) sites. Most users access webpages like news-fujopo[.]cc via redirects gener
While delving into the NetField app, we stumbled upon the realization that it is an advertising-supported app (adware). The purpose of NetField is to display various (mostly annoying) online advertisements. It is uncommon for apps of this type to be installed by users intentionally. NetField and
Brook is a Remote Administration Trojan (RAT) built using the versatile Go programming language. It is a sophisticated tool with the added capability of extracting sensitive information. This combination of stealth and power makes Brook a formidable threat in the realm of cybersecurity, capable of
XSSLite is an information stealer. It was developed as part of a monetary prize-driven competition held on a Russian hacker forum. There are several variants of this malware; the original version written in the C# programming language was made available for free by the developers, while another va
44Caliber is a notorious information stealer malware known for its sophisticated capabilities. Information stealers are malicious programs designed to covertly extract sensitive data from infected devices (e.g., login credentials, financial information, and personal documents). Thus, users who hav
Our researchers discovered mtxadvert[.]com while investigating suspicious websites. Upon inspection, we determined that this rogue webpage promotes browser notification spam and redirects users to other (likely dubious or malicious) sites. Most visitors to mtxadvert[.]com and pages akin to it acc
During our analysis of the goabeefoad[.]com website, we discovered its utilization of deceptive tactics, specifically clickbait, aimed at enticing unaware visitors to consent to receive notifications. Numerous comparable pages to goabeefoad[.]com exist, and it is essential to highlight that users