After investigating the "Two-Factor Verification" email, we determined that it is spam. The letter falsely claims that the recipient's email account must be authenticated for security purposes. This mail promotes a phishing website that mimics the recipient's email account sign-in page. Th
Prizehubtop[.]top is an untrustworthy page that our team discovered while inspecting pages associated with shady advertising networks. The purpose of prizehubtop[.]top is to trick visitors into permitting it to show notifications. Users should never allow such pages to send notifications.
Our team examined this page and found that it shows a deceptive message that claims users are eligible for a free giveaway. It is not a genuine giveaway, and scammers attempt to collect personal data for malicious purposes, such as identity theft, spamming, or selling information to other criminal
SXH is a data-stealing malware developed in the Go programming language. Its primary objective is to collect a wide range of data from infected systems. The stolen data can then be exploited for various malicious purposes, including identity theft, financial fraud, and other cybercrimes. Thus, SXH
While inspecting new submissions to the VirusTotal site, our research team discovered the Architects malicious program. It is classified as ransomware; malware within this classification encrypts data in order to demand ransoms for its decryption. On our test machine, Architects encrypted files a
During our investigation of malware samples on the VirusTotal platform, we came across a ransomware variant known as Kitu. This particular ransomware utilizes file encryption to restrict access to files and appends the ".kitu" extension to filenames. Furthermore, it creates a ransom note called "_
During a routine inspection of untrustworthy websites, our researchers discovered the iamadssystems[.]com rogue page. It promotes browser notification spam and redirects users to other (likely dubious/malicious) sites. Most visitors to iamadssystems[.]com and similar webpages access them through
Smartshopsearch.com is the address of an illegitimate search engine. Websites of this kind are typically promoted by browser hijackers. This software modifies browser settings in order to cause redirects to endorsed sites. Additionally, fake search engines and browser hijackers usually have data-t
Our research team discovered the obsidiancutter[.]top rogue webpage while investigating untrustworthy sites. This page is designed to promote browser notification spam and redirect visitors to other (likely unreliable/harmful) websites. Most users access obsidiancutter[.]top and webpages akin to
Babylon is the name of a Remote Access Trojan (RAT). This program is designed to allow remote access and control over infected machines. Like most trojans of this kind, Babylon is multi-functional. It can perform various commands on compromised devices, and as such, it is deemed to be a high-risk