Sponsor is a malware variant that operates as a backdoor. It has been identified in cyberattacks directed at various sectors, including healthcare, manufacturing, retail, insurance, communications, and telecommunications companies, among others. Sponsor backdoor is coded using the C++ programming
MetaStealer is a type of malware designed to target Mac users. Its primary objective is to obtain sensitive information from its victims. This malicious software is built using the Go programming language. Once infiltrated, MetaStealer poses a significant threat to the privacy and security of Ma
HijackLoader is a loader-type malware. It is designed to cause chain infections, i.e., download/install additional malware onto infected machines. HijackLoader is rather basic in and of itself – however, it relies on multiple modules to greatly expand its arsenal of features. This loader has been
Phoenix refers to a backdoor malware specifically designed to target Android users. In general, backdoor malware like Phoenix is a type of malicious software that clandestinely gains access to a user's device, potentially compromising its security and privacy. Thus, victims of the Phoenix attacks
While analyzing malware samples uploaded to the VirusTotal website, we discovered ransomware dubbed AnonTsugumi. This malicious program encrypts files, appends the ".anontsugumi" extension to the filenames of the affected files, changes the desktop wallpaper, and provides a ransom note ("README.tx
While examining the Gamelogger for Windows application (also known as OA Previewer), we identified that its installation package includes additional questionable elements. Additionally, we were unable to ascertain the specific functionality of Gamelogger for Windows. Consequently, we have categori
While examining highpotencyguard[.]com, we discovered that the purpose of this page is to trick visitors into believing that their computers are infected. Also, highpotencyguard[.]com aims to receive permission to send notifications. It is important to note that users often land on sites like high
Alltimebestdefender[.]com is a rogue webpage that we discovered while inspecting suspect sites. This page is designed to host scams and promote browser notification spam. It can also redirect visitors to different (likely untrustworthy/harmful) websites. Most users enter webpages like alltimebest
While investigating questionable websites, our researchers discovered a deceptive page endorsing an installer containing the Zodiac Search browser extension. It is promoted as a tool for easy access to horoscopes. Our analysis of Zodiac Search revealed that it is a browser hijacker. This extensio
Our research team found the lifepcessentials[.]com rogue page while checking out untrustworthy websites. It runs online scams and pushes browser notification spam. Additionally, this webpage can redirect users to other (likely suspicious/malicious) sites. Most visitors to lifepcessentials[.]com a