MQsTTang is a type of malware that serves as a backdoor, enabling attackers to run commands on a target computer and receive the resulting output. This malware uses the MQTT protocol to communicate with its C&C server. Threat actors behind MQsTTang are targeting political and government entiti
Our researchers discovered the 9betdownload[.]com rogue webpage during a routine investigation of dubious sites. This page promotes untrustworthy/harmful software and spam browser notifications. Additionally, 9betdownload[.]com can redirect users to other (likely unreliable/dangerous) websites. M
While testing searchstartnow.com, we found that it is a shady search engine that may generate misleading results. It is worth noting that search engines of this kind are promoted through browser-hijacking apps. Users often download and add (or install) browser hijackers without realizing it.
Suchefinde.net is the address (URL) of a fake search engine. Typically, these websites are incapable of providing search results. However, suchefinde.net is an exception, but the results it provides can be inaccurate and may include irrelevant/harmful content. These sites are promoted (via redire
Our researchers discovered the Buzz application during a routine inspection of deceptive websites. In the investigation, an installer bundled with this app was found on a site offering fake "cracked" software downloads. Our analysis of Buzz revealed that it operates as advertising-supported softwa
While inspecting browser-hijacking software, our research team discovered the quicklyexplore.com fake search engine. Websites of this kind usually cannot provide search results, and while quicklyexplore.com can – they are inaccurate and may include deceptive/dangerous content. Illegitimate search
Newsearchera.com is the address of a fake search engine. Typically, these sites cannot provide search results, and while newsearchera.com can – the results can be inaccurate and include deceptive/harmful content. In most cases, illegitimate search engines are promoted (via redirects) by browser-hi
Our inspection of the "Incoming Mails Have Been Restricted" email revealed that it is spam. It operates as a phishing scam and targets recipients' email account log-in credentials. This fake email claims that messages failed to reach the recipient's inbox and that the account will be deactivated –
After inspecting the "Company Contact" email, we determined that it is malspam. This fake business-related email contains a malicious attachment. The file distributed through this spam mail is designed to infect recipients' devices with the FormBook malware. The spam email with the subject
After inspecting the email, we have confirmed that it is a phishing scam disguised as a letter regarding some important inquiry. The scammers aim to deceive the recipients into giving away their personal information. Therefore, we recommend marking the email as spam and deleting it. The em