Popup Blocker Gold is marketed as a browser extension that blocks advertisements, but while testing it, we found that it actually generates advertisements, making it an advertising-supported application. It is worth noting that adware is often distributed/promoted using questionable methods. Thus,
We have determined that this letter is an investment scam email. The individuals behind this scam purport to be interested in investing in a business and request the recipient's assistance with receiving and securing funds. Such scam emails are frequently used to obtain money and (or) personal inf
Our researchers found the cvgdownthe[.]xyz rogue page during a routine inspection of suspicious websites. This site employs fake CAPTCHA verification to deceive visitors into enabling it to deliver spam browser notifications. Additionally, it can redirect users to different (likely unreliable/mali
While investigating dubious websites, our research team discovered the Shopping Pal browser extension. It promises easy access to exclusive deals straight from the Google search engine. However, our inspection of the Shopping Pal extension revealed that it is adware. Adware stands for adve
After inspecting the "Investment Into Building Homes For Orphans" email, we determined that it is spam. The letters belonging to this campaign use a scam model in which the recipients are promised exorbitant amounts of money. This spam mail aims to extract personally identifiable information and m
While examining malware samples submitted to VirusTotal, our team discovered a ransomware variant belonging to the Phobos family dubbed Unknown. This ransomware encrypts files and modifies their filenames, and provides two ransom notes (creates "info.hta" and "info.txt" files). Unknown ransomware
Creal is a stealer-type malware written in the Python programming language. Malicious programs within this classification are created for the purpose of stealing sensitive information. Creal targets log-in credentials, data related to messaging software, cryptocurrency wallets, and other vulnerabl
While examining pages that use rogue advertising networks, we discovered yournicejournal[.]com. This website uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, yournicejournal[.]com redirects to other websites. Thus, this page should not be trusted/visited.
PY#RATION is a Python-based malware that shows characteristics of remote access trojan (RAT). It is capable of remotely controlling infected computers and maintaining persistence. PY#RATION has a variety of features, including data exfiltration and keylogging. PY#RATION has the ability to
Our researchers discovered the chaeffulace[.]com rogue page while checking out dubious websites. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/malicious) sites. Most users access webpages like chaeffulace[.]com via redirects caused by site