Nitrogen is a malicious campaign in which cybercriminals exploit Google and Bing ads to target users searching for specific IT tools. The objective is to infiltrate enterprise environments and inject tools like Cobalt Strike. The attackers aim to gain unauthorized access to these environments and
After analyzing VentureConnect, our team has determined that its primary function is to display bothersome advertisements to users. Such applications fall under the category of adware. It is important to highlight that it is common for apps like VentureConnect to be downloaded and installed unkn
After examining the Retro Sunset browser extension, it became apparent that its purpose is to act as a browser hijacker to promote search.retrosunset.net, a fake search engine. Retro Sunset modifies the settings of a web browser to take control over it. Most users unknowingly download and add app
While inspecting suspicious sites, our researchers discovered the AerospaceSearchTab browser extension. It is presented as a piece of software that displays aerospace-themed browser wallpapers. However, after analyzing AerospaceSearchTab, we learned that it is a browser hijacker promoting the aero
Our researchers discovered the VirtualNano app during a routine inspection of new submissions to VirusTotal. After examining this application, we determined that it is advertising-supported software (adware). It is pertinent to mention that VirtualNano is part of the AdLoad malware family.
Perfect New Tab is a rogue browser extension that our research team discovered while investigating deceptive sites. This piece of software is promoted as a tool that displays browser wallpapers. Our examination of Perfect New Tab revealed that it modifies browser settings in order to generate red
After reviewing the "Your Email Has Used Up It Inbox Space" email, we determined that it is spam. This mail operates as a phishing scam. The letter falsely claims that the recipient will be unable to use their email account until they expand its storage. The goal is to extract recipients' email lo
Qwixx is a stealer-type malware. This malicious program operates by extracting vulnerable information from various applications installed on infected systems. Qwixx targets account log-in credentials, credit card numbers, and other highly sensitive data. As mentioned in the introduction, Q
Upon inspecting the Shop Tab browser extension, it became evident that it functions as a browser hijacker intended to promote shoptab.xyz, a fake search engine. Shop Tab alters a web browser's settings, effectively hijacking it. It is worth noting that many users unwittingly download and add appli
Realst is a malicious program that targets sensitive information. Two versions of this malware exist, targeting Apple and Windows devices, respectively. Of particular concern is that some of its most recent versions are designed to exploit macOS 14 Sonoma, the upcoming operating system that is s