News-jagone[.]com is a webpage discovered by our researchers during a routine inspection of untrustworthy websites. This page is designed to promote spam browser notifications and redirect visitors to other (likely dubious/harmful) sites. Redirects caused by websites utilizing rogue advertising ne
FvncBot is a trojan targeting Android OSes (Operating Systems). It is a multifunctional malicious program that can execute various commands on infected devices and perform overlay attacks. In the autumn of 2025, FvncBot was discovered being distributed under the guise of an app associated with mBa
SeedSnatcher is an Android malware disguised as a crypto app named Coin (this app functions as a loader). The malware is often delivered through Telegram channels. It starts with basic permission requests before gaining access to files, contacts, call logs, and other private data. Cybercriminals u
Our research team discovered the Emperor malicious program while browsing new file submissions to the VirusTotal website. We determined that Emperor is a ransomware-type program that encrypts data and demands a ransom for the decryption. On our testing system, this malware encrypted files and add
Our researchers discovered nummusely[.]com while browsing suspicious sites. After examining this rogue webpage, we learned that it endorses browser notification spam and generates redirects to various (likely unreliable/malicious) websites. Most visitors to pages like nummusely[.]com enter them th
We have run the malware on our testing device and found that Kron is ransomware. Once executed, it encrypts files and appends the ".Kron" extension to them. Also, it drops a ransom note, a text file named "R3ADM3.txt". An example of how files encrypted by Kron are renamed: "1.jpg" is changed to "1
Our team has inspected okeluvilighan.co[.]in and found that it uses clickbait to get permission to send notifications. If users agree to get those notifications, the site can bombard them with unwanted ads, bogus warnings, and similar messages containing links to potentially malicious pages. Thus,
While investigating dubious websites, our researchers discovered millyspheneiver[.]com. This rogue webpage promotes spam browser notifications and produces redirects to other (likely suspicious/harmful) sites. Most visitors access pages like millyspheneiver[.]com via redirects generated by sites t
Our research team discovered the kexornero.co[.]in rogue page while browsing untrustworthy websites. This webpage is designed to promote browser notification spam and redirect users to different (likely unreliable/dangerous) sites. Kexornero.co[.]in and similar pages are most commonly accessed thr
Demonthopeerif[.]com is a rogue webpage discovered by our researchers during a routine investigation. Upon examining this page, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/hazardous) sites. The majority of visitors to demonthopeerif[.]