While analyzing the Dynamic malware, we discovered that it operates as an information stealer. Moreover, it downloads the BlackNET remote access trojan (RAT) on infected computers. Using both of these malicious programs, threat actors can steal sensitive information, take control of infected compu
Our researchers discovered the Airplanes - New Tab browser extension during a routine inspection of deceptive websites. It promises to provide airplane-themed backgrounds for browsers. Our analysis revealed that this extension modifies browser settings in order to cause redirects to the mbextensi
We have inspected yourshields24[.]com and found that this page shows deceptive messages implying that the visitor's device may be infected and offering antivirus protection. Also, yourshields24[.]com asks for permission to show notifications and opens other web pages. This website targets Android
After conducting a test on gotyousearch.com, we have determined that it is an unreliable search engine that produces questionable results. Such search engines are often promoted through browser hijackers. These apps alter web browser settings to promote shady search engines. Gotyousearch.c
After we inspected the "This Is A Secure Message" email, we determined that it is spam operating as a phishing scam. The fake letter states that a secure message has been sent to the recipient – thus attempting to trick them into disclosing their email account log-in credentials. The email
While analyzing the email, our team found that it is a phishing attempt. The perpetrators behind the email intend to deceive recipients into revealing sensitive information on a fraudulent website. The email is designed to resemble a security alert from a cryptocurrency wallet service provider.
Our malware researchers detected Typo, a ransomware variant associated with the Djvu family, while inspecting malware samples submitted to VirusTotal. Ransomware is malware that encrypts files, and Typo is no exception. Moreover, this ransomware modifies filenames by appending the ".typo" extensio
During our analysis of Tyos, we determined that this malware operates as ransomware: it encrypts files and adds the ".tyos" extension to their names. Additionally, it creates a ransom note named "_readme.txt". Our team discovered this ransomware while examining malware samples submitted to the Vir
Smartreviewglobal[.]com is a rogue webpage we discovered during a routine investigation of questionable sites. It is designed to promote scams and browser notification spam. Furthermore, this page is capable of redirecting visitors to different (likely unreliable/hazardous) sites. Users primarily
Our researchers discovered Cool Facts while investigating rogue websites. This browser extension supposedly delivers interesting facts and allows users to get wallpapers, clocks, and other content for their new browser tabs. However, our inspection of Cool Facts revealed that it operates as a brow