Our inspection of unutcacer[.]com indicates that the site uses clickbait to get visitors to enable its notifications. Once activated, these notifications may direct users to unreliable or potentially harmful websites. Users are advised to remain cautious and avoid following any instructions provid
Our analysis of kinerbum[.]com shows that it relies on clickbait to persuade visitors to allow notifications. Once these notifications are enabled, they can be used to trick users into opening unreliable and potentially harmful websites. It is best to stay cautious when encountering pages like kin
We have examined the page and discovered that it runs a technical support scam. The site displays fake warnings to trick visitors into following the provided instructions. Falling for such scams can lead to various problems, including account hijacking, computer infections, and monetary loss. This
Our team has analysed the malware and determined that it is ransomware. We discovered Immigration ransomware while inspecting malware samples uploaded to VirusTotal. After execution, it encrypts files, creates the "WHATS_HAPPEND.txt" file (a ransom note), and appends the ".eimmigration" extension
Massiv is a banking Trojan aimed at Android devices. It allows threat actors to take control of infected phones and carry out fraudulent transactions from the victim's bank accounts. Cybercriminals disguise Massiv as IPTV apps to trick users searching for online TV services. If detected on a devic
We analyzed cynovira[.]com and found that it uses clickbait to lure visitors into enabling notifications. These notifications may show misleading content and direct users to untrustworthy websites. Users should be cautious with sites like cynovira[.]com and avoid following the instructions they pr
PromptSpy is an Android malware that uses generative AI for persistence. It uses Google Gemini to analyze what appears on the infected device's screen and determine how to remain active in the recent apps list. This helps the malware keep running in the background. Its main goal is to install a VN
BoryptGrab is malware that steals information from infected devices in various ways. It spreads through fake GitHub pages offering free software. It is important to note that during the attack chain involving BoryptGrab, another malware, a backdoor known as TunnesshClient can be injected. If detec
VKontakte (VK)-themed account hijackers are malicious extensions that masquerade as VKontakte customization tools but actually take over VK accounts. There are at least five fake extensions (mentioned in our article below) that contain malware and are designed to perform specific tasks. If any of
The Trojanized version of the RedAlert app looks like the real app, but it secretly injects spyware on the device. It is distributed via SMS phishing (smishing) messages instructing recipients to download an urgent update. The purpose of the malicious application version is to collect sensitive pe