Our inspection of the "Document Received" email revealed that it is spam. This fake letter is presented as a notification regarding a document sent to the recipient via Microsoft SharePoint. This spam promotes a phishing website disguised as SharePoint, which targets email account log-in credentia
After conducting our investigation, our team identified captchawizard[.]top as an untrustworthy website that uses deceptive methods to trick visitors into granting permission for notifications. It is common for users to come across websites like captchawizard[.]top inadvertently. We discovered it
Minas is the name of a cryptocurrency mining malware. It is based on the legitimate XMRIG application designed to mine Monero cryptocurrency. Malware within this classification puts enormous strain on infected machines – thus endangering system and hardware health. Minas employs multiple t
Our researchers discovered the akice.co[.]in rogue site during a routine inspection of untrustworthy websites. It is designed to promote browser notification spam and, at the time of research, used fake CAPTCHA verification for this purpose. Additionally, this page can redirect visitors to differe
While investigating dubious webpages, our researchers discovered the Best Wallpapers browser extension. It is endorsed as a tool that displays browser wallpapers. After installing this extension on our test machine, we learned it is a browser hijacker. Best Wallpapers modifies browser settings to
Our research team discovered the DoubleCache application while investigating new submissions to VirusTotal. After analyzing this piece of software, we determined that it is adware. It is worth noting that DoubleCache is part of the AdLoad malware family. Adware stands for advertising-sup
Adfuhbazi is a ransomware-type program that our researchers discovered while reviewing new submissions to the VirusTotal website. This malicious program is part of the Snatch ransomware family. On our testing system, Adfuhbazi encrypted files and appended their filenames with a ".adfuhbazi" exten
Upon examining online-deal[.]click, we found that it is a deceptive website running a scam similar to "Your PC is infected with 5 viruses!". Additionally, online-deal[.]click wants to show notifications. We discovered online-deal[.]click while inspecting various pages that use rogue advertising ne
In our examination of pages associated with dubious advertising networks, we encountered checkrobotpage[.]online. Our findings revealed that this website uses a clickbait strategy to mislead visitors into granting notification permission and redirects them to fraudulent websites. Therefore, it is
JSOutProx is a JScript-based Remote Access Trojan (RAT). Malware within this classification operates by enabling remote access and control over infected machines. RATs tend to be highly multifunctional pieces of software capable of performing various actions. JSOutProx has been in use since at le