RedEnergy is the name of an information stealer that employs a fake update campaign to target multiple industry sectors. This malicious software has the capability to extract information from different web browsers, allowing sensitive data to be stolen. Additionally, it incorporates various module
MachineDesktop is a rogue app that we discovered while investigating new submissions to the VirusTotal site. After inspecting this application, we determined that it is advertising-supported software (adware). Additionally, we learned that MachineDesktop belongs to the AdLoad malware family.
TriangleDB is a spyware-type program. It is designed to extract/record and exfiltrate vulnerable data from infected iPhone devices. TriangleDB has been observed being injected into devices by the Triangulation backdoor. This malware campaign is sophisticated; the infection is triggered without
Triangulation is the name of malware targeting iOS devices. It is part of a highly sophisticated campaign. Triangulation serves as a backdoor – a program that opens a "backdoor" for further infections. The malware can gather basic device/user data and download/install additional malicious compon
During our investigation of ooumoughtcall[.]com, we discovered that it is a deceptive website that presents a misleading message to entice visitors into consenting to receive notifications. Furthermore, ooumoughtcall[.]com can download a potentially harmful file. As a result, it is advisable to ex
During our examination of web pages linked to unreliable advertising networks, we encountered heavypcprotection[.]com. Our investigation revealed that heavypcprotection[.]com is an untrustworthy website known for promoting the "McAfee - Your PC is infected with 5 viruses!" scam. Furthermore, heavy
Sqoo search engine is the name of an extension that operates as a browser hijacker. This piece of software makes changes to browser settings in order to generate redirects that go through the sharesceral.uno and sqoo.co fake search engines. Additionally, this browser extension spies on users' brow
During a routine inspection of new submissions to VirusTotal, our researchers found the PrimaryRemote application. Our examination revealed that this app operates as advertising-supported software (adware). We also determined that PrimaryRemote is part of the AdLoad malware family. Adwar
PrimaryBuffer is a rogue application that our research team discovered while investigating new submissions to VirusTotal. After examining this piece of software, we determined that it is adware belonging to be AdLoad malware family. Adware stands for advertising-supported software. Its p
Bfjaxi[.]cfd is a shady website that our team encountered while examining sites that use rogue advertising networks. While inspecting bfjaxi[.]cfd, we noticed that this website uses a deceptive approach to receive permission to show notifications. It is worth mentioning that users often land on su