While inspecting suspect websites, our researchers discovered the nvideas[.]site rogue page. It operates by promoting browser notification spam and redirecting users to different (likely unreliable/malicious) sites. Most visitors to pages like nvideas[.]site enter them through redirects generated
Antivirusapp[.]space is the address of a rogue webpage. It is designed to promote scams and browser notification spam. Furthermore, this page can redirect users to other (likely untrustworthy/harmful) sites. The majority of visitors to such webpages access them via redirects caused by websites th
While investigating new file submissions to the VirusTotal website, our researchers discovered the SmartCharacter app. It is classed as advertising-supported software (adware). SmartCharacter is part of the AdLoad malware family. This application is designed to feed users with unwanted and poten
After a review, it has been established that this is a classic technical support scam. In this scheme, deceptive pop-ups appear on a fraudulent page with the intention of misleading visitors into taking specific actions. These actions are geared towards coercing users into engaging in activities t
Our researchers found the bestpenad[.]com rogue page during a routine investigation of suspicious websites. Upon inspection, we determined that this webpage promotes browser notification spam and redirects users to other (likely dubious/malicious) sites. Most visitors to bestpenad[.]com and simil
After investigating this "Adobe Scan" email, we determined that it is spam. The letter makes false claims regarding a document scanned using the Adobe Scan scanner app and sent to the recipient. The goal of this phishing mail is to deceive users into disclosing their email account log-in credentia
The TrickMo banking Trojan, initially spotted in 2019, has resurfaced with enhanced features in 2023. The latest version uses JsonPacker for code concealment and introduces 45 commands, including screen content theft and overlay attacks for credential harvesting. Victims should remove this malware
While investigating new submissions to the VirusTotal website, our research team discovered the GrafGrafel malicious program. It is part of the Phobos ransomware family. Malware within this classification encrypts data and demands ransoms for its decryption. After we executed a sample of GrafGraf
Upon examination, it has become apparent that it is a phishing email disguised as notification from IPS regarding a pending package delivery. The perpetrators behind this scheme have crafted the message with the intention of deceiving recipients into divulging sensitive personal information.
Nbp.app is a piece of malicious software belonging to the Pirrit malware family. Upon inspection, we determined that it exhibits browser hijacker functionalities. Yet it is not unlikely that this software also has adware and data-tracking capabilities. Browser hijackers typically modify