We discovered the NanoService rogue app while investigating new submissions to the VirusTotal website. Our analysis revealed that this application operates as adware and that it is part of the AdLoad malware family. Adware stands for advertising-supported software. Its purpose is to feed
After examining this "DHL Express Notification" email, we determined that it is spam. This fake letter claims that the recipient has pending actions regarding their package. It must be emphasized that this scam email is in no way associated with the actual DHL logistics company. The spam e
After our examination, we have concluded that the MyToDo application operates as a browser extension designed to hijack web browsers. Its primary objective is to take control of browser settings and enforce a deceptive search engine known as mylistodo.com. Moreover, MyToDo possesses the capability
Upon reviewing the email, it has come to our attention that it originates from a fraudulent individual (or individuals) seeking to deceive recipients into believing they have been awarded a substantial amount of money. The ultimate objective is to obtain sensitive information and (or) solicit fund
Upon reviewing the VersionTrust application, we have found that it exhibits intrusive advertisements. Such applications are categorized as adware or advertising-supported applications. It is not uncommon for users to unintentionally install adware without being fully aware of its presence or the
While examining qpsh[.]online, our team discovered that this page uses clickbait to lure visitors into agreeing to receive its notifications. Also, qpsh[.]online can redirect users to other untrustworthy websites. Thus, it is highly advisable to avoid visiting qpsh[.]online. Qpsh[.]online
Merdoor is a backdoor-type malicious program. Software of this kind is designed to open a "backdoor" for malware and malicious components into compromised systems. The threat actor behind Merdoor is dubbed Lancefly. This malware has been around since at least 2018. It has been observed being used
"SoundCloud virus" refers to malware proliferated via hijacked SoundCloud music streaming service platform accounts. The accounts promote links to malignant sites that host malicious programs, including PrivateLoader – a Windows backdoor/loader-type malware, and MobiDash – an adware-type applicati
Our research team discovered the psistaugli[.]com rogue page while investigating dubious sites. It operates by pushing browser notification spam and redirecting visitors to other (likely unreliable/harmful) websites. Most users access webpages like psistaugli[.]com via redirects caused by sites us
After examining the "Bank Draft" spam letter, we determined that it is a phishing email. This mail aims to trick recipients into disclosing personally identifiable information. The deception entails false claims concerning a large amount of money that recipients are supposedly entitled to.