Fleckpe is a recently discovered Android Trojan family found on Google Play, which secretly subscribes victims to paid services. This Trojan primarily affects users in Thailand. It has been active since the start of 2022 and is continuously updated with new capabilities. Cybercriminals can
While examining websites that utilize illegitimate advertising networks, our team found oneettinlive[.]com, an untrustworthy webpage that presents visitors with deceitful material to trick them into enabling browser notifications. Typically, users do not intentionally visit sites like oneettinlive
While testing the Quick Close Tab extension, we found that it is supposed to close the current tab in a context menu but shows advertisements. Thus, we classified Quick Close Tab as adware. It is worth noting that our team discovered Quick Close Tab on a deceptive website. Usually, apps li
During our examination of malware samples submitted to VirusTotal, we came across a ransomware variant belonging to the Djvu family, dubbed Foty. This ransomware encrypts files and adds the ".foty" extension to the filenames. Additionally, Foty also leaves a ransom note file called "_readme.txt".
Our research team discovered the nongloths[.]com rogue page while inspecting suspicious websites. It is designed to promote spam browser notifications and redirect users to different (likely unreliable/dangerous) sites. Users typically enter webpages like nongloths[.]com through redirects caused b
Nkingwitheaam[.]com is a rogue website that we discovered during a routine inspection of suspicious pages. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/harmful) sites. Users typically access webpages like nkingwitheaam[.]com via redirects
Our researchers found the Tropical Horizons Wallpapers browser extension while inspecting deceptive websites. This piece of software promises to display tropics-themed wallpapers. However, our investigation revealed that Tropical Horizons Wallpapers operates as a browser hijacker, i.e., it makes a
Our inspection of the "Improvements To All Our e Mail Servers" email revealed that it is spam. It falsely claims that the mail servers are undergoing upgrades, which if not implemented – will result in the recipient's email account getting deactivated. This scam letter aims to steal account log-in
While investigating deceptive websites, our research team discovered the Homerun Extension. This browser extension is endorsed as a tool that allows for easy access to the latest sports news and other content. Our analysis of this piece of software revealed that it is a browser hijacker. Homerun
While inspecting mograppido[.]com, our team discovered that this page displays deceptive content to trick visitors into subscribing to push notifications. We also found that mograppido[.]com has at least two similar appearances. We stumbled upon mograppido[.]com during an examination of other shad