Upon analysis of the Architecture Tab browser extension, our team has determined that it operates as a browser hijacker by altering browser settings to promote a fake search engine called srchingoz.com. It is important to note that users typically add browser hijackers such as Architecture Tab to
Owletguide[.]com is a rogue webpage that our research team discovered while investigating dubious websites. This page is designed to push browser notification spam and redirect visitors to different (likely unreliable/malicious sites). Users typically enter webpages like owletguide[.]com through
Gosteadybuddy[.]store has been identified as an untrustworthy website that uses clickbait tactics to deceive visitors into subscribing to its notifications. Our team found gosteadybuddy[.]store while researching web pages that use questionable advertising networks. It is worth noting that most use
Gatz is part of the Djvu ransomware family and operates by encrypting files and adding the ".gatz" extension to their names. In addition, the ransomware produces a "_readme.txt" file containing guidelines on how to pay the ransom. Our researchers encountered Gatz during an analysis of malware samp
After inspecting the "Domain Ownership Has Expired" email, we determined that it is spam operating as a phishing scam. The fake letter states that due to expired domain ownership, the recipient's email account will be deactivated. This spam email aims to deceive recipients into attempting to sign
Topdomainblog[.]com aims to deceive its visitors into subscribing to its notifications. Also, this page redirects visitors to other dubious websites. Our team stumbled upon topdomainblog[.]com during an investigation of web pages that use shady advertising networks. Users rarely visit sites like t
During our examination of pages that use shady advertising networks, we discovered gosteadyplaymate[.]store - a deceptive page designed to lure visitors into agreeing to receive notifications. Gosteadyplaymate[.]store displays deceptive content as a lure. Thus, gosteadyplaymate[.]store and similar
Our examination of the "MyGov Secure Message" email revealed that it is fake. This phishing letter is presented as a notification from myGov – a multi-purpose service provided by the Australian Government. myGov primarily deals with government-related (or adjacent) services by providing digital id
Upon reviewing this email, our team has determined that it is fraudulent and pertains to a fabricated purchase order confirmation. Additionally, there is a malicious file attached to the email. It is evident that this email is being utilized by cybercriminals to deceive the recipients into infecti
GoldenWolf42 is ransomware designed to encrypt files, add its extension (".GoldenWolf42") to filenames, change the desktop wallpaper, and create the "read_it.txt" file containing contact and payment information. GoldenWolf42 is based on Chaos ransomware. An example of how GoldenWolf42 renames fil