OnlyFans malware refers to a malware campaign that employs deceptive techniques involving counterfeit OnlyFans content and adult-themed lures. The primary objective of this campaign is to install a Remote Access Trojan (RAT) and potentially other forms of malware on the targeted systems. A RAT is
While inspecting au01[.]bid, our team discovered that this website presents deceptive content to receive permission to show notifications. Also, au01[.]bid redirects visitors to other pages. Our encounter with au01[.]bid occurred while examining pages associated with rogue advertising networks.
While investigating dubious websites, our researchers discovered the "your-result" browser extension. It promises to minimize webpage errors and provide site performance data. However, after examining this piece of software, we determined that it is adware. Adware stands for advertising-su
DefaultWindow is a rogue application classified as adware. We discovered this app while investigating new submissions to the VirusTotal site. DefaultWindow is designed to deliver intrusive advertisement campaigns, and it may have additional harmful abilities. This piece of advertising-supported
Calendar New Tab is a browser extension that we found while inspecting suspicious sites. It is endorsed as an extension that displays a calendar on the browser. However, Calendar New Tab makes changes to browser settings in order to generate redirects to the calendarnewtab.com fake search engine.
"Emails From A Trusted Sender" is a phishing email. It aims to trick recipients into disclosing their mail account log-in credentials by claiming that several emails failed to reach the inbox. The spam email with the subject "FYI: [recipient's_email_address] LAST WARNING; INCOMING MAIL BLO
Our research team discovered the LauncherIndex adware-type app during a routine investigation of new submissions to the VirusTotal website. This application belongs to the AdLoad malware family. It operates by running intrusive advertisement campaign and may have additional harmful capabilities.
Upon thorough investigation, we have determined that the Bigoloo application functions as a browser extension with the intent of hijacking web browsers. This app controls browser settings and imposes a fake search engine called search.bigoloo.com. Additionally, Bigoloo is equipped with the ability
Our investigation has determined that this email has been fabricated by scammers posing as an email service provider with malicious intent. The primary objective of these scammers is to deceive recipients into divulging sensitive information through a fake login page, commonly known as a phishing
Our researchers discovered the Udaigen ransomware-type program while investigating new submissions to the VirusTotal website. It operates by encrypting files and demanding payment for decryption. On our test machine, Udaigen encrypted files and appended their filenames with a ".jcrypt" extension.