During the examination of malware samples submitted to VirusTotal, our team of experts in malware detection identified Weqp, a ransomware variant associated with the Djvu family. Weqp operates by encrypting data and appending the ".weqp" extension to the affected files. Additionally, it generates
During a routine inspection of untrustworthy websites, our researchers discovered the datingstyle[.]top rogue page. It promotes spam browser notifications and redirects visitors to other (likely unreliable/malicious) sites. Users most commonly access webpages like datingstyle[.]top via redirects
During our investigation, we discovered that recutasseuccars[.]com employs a deceitful tactic to entice visitors into enabling notifications. Additionally, this website redirects users to other untrustworthy websites. Our team came across recutasseuccars[.]com while examining sites associated with
Our team examined gaming-trending-news[.]com and learned that the purpose of this site is to trick visitors into agreeing to receive notifications. Gaming-trending-news[.]com displays deceptive content as a lure. Also, gaming-trending-news[.]com may redirect users to more potentially malicious pag
Gadkasdomm[.]com is a rogue page that we found during a routine investigation of suspicious websites. It operates by endorsing browser notification spam and redirecting users to different (likely dubious/malicious) sites. Most visitors to gadkasdomm[.]com and similar webpages enter them inadverte
Our researchers discovered the edrubyglo[.]buzz rogue page while investigating suspect websites. This webpage is designed to push browser notification spam, and at the time of research, it did so by employing fake CAPTCHA verification. Additionally, edrubyglo[.]buzz is capable of redirecting visit
Our researchers discovered the detectmus[.]com rogue website during a routine inspection of suspicious pages. It is designed to promote browser notification spam and redirect users to different (likely dubious/dangerous) sites. Users primarily access webpages like detectmus[.]com via redirects ge
Our researchers discovered the bguhnh[.]com rogue webpage during a routine investigation of dubious websites. It operates by promoting browser notification spam and redirecting visitors to other (likely unreliable/malicious) sites. Users typically enter pages like bguhnh[.]com via redirects gener
While investigating suspect websites, our researchers found the foryoupromo[.]com rogue page. It is designed to endorse scams and browser notification spam. This webpage can also redirect users elsewhere (likely untrustworthy/malicious sites). Most visitors to foryoupromo[.]com and similar pages
PixBankBot is an Android banking Trojan that exploits the Pix instant payment platform. This Trojan specifically targets Brazilian banks and employs an ATS (Automated Transfer System) framework for its operations. It should be removed from infected devices as soon as possible to avoid potential ha