Our research team discovered the Plantastic Tab browser extension during a routine investigation of deceptive websites. It operates by modifying browser settings to promote (via redirects) the plantastictab.com fake search engine. Due to this behavior, Plantastic Tab is categorized as a browser hi
Theronadforyou24[.]com is a rogue webpage that we found during a routine inspection of questionable sites. This page is designed to promote spam browser notifications and redirect visitors to different (likely unreliable/dangerous) websites. Most users enter pages like theronadforyou24[.]com via
Museum Views Tab is a rogue browser extension that our research team discovered while inspecting suspicious websites. After analyzing this extension, we determined that it is a browser hijacker. Museum Views Tab makes alterations to browser settings in order to promote the museumviewstab.com illeg
While investigating suspicious sites, our research team found theowletnow[.]com rogue webpage. It operates by pushing browser notification spam and redirecting users to other (likely unreliable/hazardous) websites. Most visitors to theowletnow[.]com and sites akin to it – access them via redirect
After examining the "Mailbox Restriction Notice" email, we determined that it is spam used to run a phishing scam. This letter makes false claims regarding the suspension of the recipient's email account due to a lack of storage space. The aim is to promote a phishing site targeting email account
Buhti is ransomware targeting both Windows and Linux systems. The Buhti ransomware payload, designed to target Windows computers, is a variant of the previously leaked LockBit 3.0 ransomware with minor modifications. In order to attack Linux systems, Buhti ransomware utilizes a modified version of
Kraken is a malware that empowers threat actors to illicitly acquire diverse sensitive information from different web browsers and applications. The creators of Kraken offer it for sale on a hacker forum, with pricing options of $29 for 30 days, $49 for 90 days, and $69 for 180 days. Cybercriminal
Koddams[.]xyz is a rogue page that we discovered during a routine inspection of untrustworthy websites. It attempts to deceive visitors into enabling its browser notification delivery. Additionally, this webpage can redirect users to different (likely dubious/malicious) sites. Most visitors to pa
EXISC is a ransomware-type program that we discovered while investigating new submissions to the VirusTotal site. It is designed to encrypt data and demand payment for its decryption. After we executed a sample of this ransomware on our testing system, it encrypted files and appended their titles
During our analysis of topsadrettin[.]com, we identified that the website exhibits a deceptive message and prompts visitors to grant permission to display notifications. Moreover, topsadrettin[.]com has the potential to redirect users to other dubious websites. We encountered topsadrettin[.]com wh