Topfieldnow[.]com is a rogue page we discovered while inspecting questionable websites. This webpage promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) sites. Most users enter pages like topfieldnow[.]com through redirects generated by websites that em
Antoni is the name of a ransomware-type program. Malware, classed as "ransomware", is designed to encrypt data and demand ransoms for its decryption. On our testing system, Antoni ransomware encrypted files and appended their filenames with a ".Antoni" extension. For example, a file initially tit
Qopz, a ransomware belonging to the Djvu family, was detected by our malware researchers while analyzing samples on VirusTotal. This malicious software encrypts files, with Qopz adding the ".qopz" extension to the original filenames and leaving a ransom note called "_readme.txt". For example, a f
Our team came across Qore ransomware during our analysis of malware samples submitted to VirusTotal. Qore is part of the Djvu ransomware family. It encrypts files and adds the ".qore" extension to their filenames. This ransomware also creates a "_readme.txt" file containing payment and contact inf
AuKill is the name of a malware designed to terminate security processes, thus prepping the compromised system for further infections. This malicious software has been implemented in at least three attacks since January 2023. Twice AuKill was used preceding a Medusa Locker ransomware infection an
NodeStealer is a type of malware written in JavaScript and executed through Node.js. It is used by threat actors to steal browser cookies and login credentials, enabling them to hijack Gmail, Facebook, Outlook, and possibly other accounts. The malware was initially discovered in late January of 20
Our research team discovered the dispatchfeed[.]com rogue page while investigating suspicious websites. It is designed to promote spam browser notifications and redirect visitors to other (likely unreliable/harmful) sites. Users primarily enter webpages like dispatchfeed[.]com via redirects cause
Our team's investigation of biserka[.]xyz revealed it to be an untrustworthy website that uses deceptive tactics to persuade visitors into subscribing to notifications. These types of websites are often accessed unintentionally by visitors. Biserka[.]xyz came to our attention while inspecting othe
While investigating rogue webpages, our researchers discovered the reianter[.]com rogue site. It operates by pushing browser notification spam and redirecting visitors to other (likely untrustworthy/dangerous) websites. Most users enter pages like reianter[.]com via redirects caused by sites that
FluHorse is a dangerous Android malware that targets users in Eastern Asia. The malware is distributed through emails and uses several malicious apps that mimic legitimate ones, stealing credentials and 2FA codes. FluHorse has the ability to evade detection for extended periods. FluHorse w