After examining the "Social Security Administrator" email, we determined that it is spam. We found two variants of this mail; the text in the body of the letter was the same, while the attachments differed. This scam uses false claims regarding serious Social Security number issues to trick recipi
While investigating websites employing questionable advertising networks, we encountered topatincompany[.]com, which is among the numerous sites that employ deceptive tactics to deceive visitors into granting permission to display notifications. Furthermore, while browsing topatincompany[.]com, vi
FantasyMW is a rebrand of goatRat malware. FantasyMW is an Android banking trojan, a type of malware that specifically targets banking-related information. There are several variants of this malicious program, with one of the main differences in-between being the number of Brazilian banks it targ
While investigating new submissions to VirusTotal, our research team discovered another ransomware based on Chaos – called Eren Yeager. Malware within this classification is designed to encrypt data and demand payment for its decryption. After we executed a sample of Eren Yeager ransomware on our
During our examination of equaffism[.]com, we found that this is an untrustworthy page designed to trick visitors into agreeing to receive notifications. The page displays a misleading message as a lure. Also, equaffism[.]com redirects visitors to other websites that may be malicious. Thus, equaff
While examining websites associated with dubious advertising networks, we came across sughthroies[.]com. This particular site employs a deceitful technique to convince visitors to agree to receive notifications. It is crucial to be aware that while browsing sughthroies[.]com, users may also encoun
While examining backbelong[.]com, we found that this page promotes a scam and wants to show notifications. Our team encountered backbelong[.]com during an inspection of similar websites. It is worth noting that it is uncommon for pages like backbelong[.]com to be visited by users intentionally.
While investigating deceptive webpages, our research team discovered the "Space backgrounds pictures" browser extension. It is promoted as a tool that displays space-themed browser wallpapers. However, our analysis revealed that Space backgrounds pictures is a browser hijacker. It makes alteratio
Our researchers discovered DeveloperEngine adware while investigating new submissions to the VirusTotal website. This application belongs to the AdLoad malware family, and it is designed to run intrusive ad campaigns. Advertising-supported software operates by displaying advertisements, and it o
HelloTeacher is the designated name for a recently discovered Android spyware variant targeting unsuspecting users in Vietnam. This malware possesses advanced functionalities, including the ability to extract contact details, SMS data, photos, the list of installed apps, and capture images and rec