Topdomainblog[.]com aims to deceive its visitors into subscribing to its notifications. Also, this page redirects visitors to other dubious websites. Our team stumbled upon topdomainblog[.]com during an investigation of web pages that use shady advertising networks. Users rarely visit sites like t
During our examination of pages that use shady advertising networks, we discovered gosteadyplaymate[.]store - a deceptive page designed to lure visitors into agreeing to receive notifications. Gosteadyplaymate[.]store displays deceptive content as a lure. Thus, gosteadyplaymate[.]store and similar
Our examination of the "MyGov Secure Message" email revealed that it is fake. This phishing letter is presented as a notification from myGov – a multi-purpose service provided by the Australian Government. myGov primarily deals with government-related (or adjacent) services by providing digital id
Upon reviewing this email, our team has determined that it is fraudulent and pertains to a fabricated purchase order confirmation. Additionally, there is a malicious file attached to the email. It is evident that this email is being utilized by cybercriminals to deceive the recipients into infecti
GoldenWolf42 is ransomware designed to encrypt files, add its extension (".GoldenWolf42") to filenames, change the desktop wallpaper, and create the "read_it.txt" file containing contact and payment information. GoldenWolf42 is based on Chaos ransomware. An example of how GoldenWolf42 renames fil
Our research team discovered the Abstract Art Tab browser extension while checking out rogue websites. This extension promises to display abstract art style browser wallpapers. After analyzing Abstract Art Tab, we determined that it is a browser hijacker. This piece of software makes alterations
Zipp3rs is a ransomware-type program that we discovered while inspecting new submissions to VirusTotal. This piece of malicious software belongs to the Xorist ransomware family. On our testing system, Zipp3rs encrypted files and appended their titles with a ".zipp3rs" extension. For example, an o
Our researchers discovered the CleanTab Refresh browser extension while inspecting dubious websites. It is promoted as an advanced one-click webpage refreshing tool. However, our investigation revealed that CleanTab Refresh operates as advertising-supported software (adware). Adware is des
Interiorz is a browser extension promising easy access to home design related content. Our researchers discovered this piece of software while investigating untrustworthy websites. After inspecting Interiorz, we determined that it is a browser hijacker promoting (via redirects) the prosearchsoluti
Army Signal is a ransomware-type program that our research team discovered while inspecting new submissions to the VirusTotal website. After being executed on our testing system, Army Signal encrypted files and appended their files with a ".SIGSCH" extension. For example, a file originally titled