DarkTortilla is a crypter that obfuscates, encrypts and manipulates malware to make it difficult for security software to detect it. Cybercriminals have been observed using DarkTortilla to deliver information stealers and remote access trojans (RATs), and targeted payloads such as Cobalt Strike an
While checking out suspicious websites, our research team found therecode247[.]com rogue page. It pushes browser notification spam and redirects users to different (likely unreliable/malicious) sites. Most visitors to webpages like therecode247[.]com access them through redirects caused by website
Our researchers discovered the foundedscan[.]com rogue webpage while inspecting suspicious websites. It operates by promoting scams and spam browser notifications. Additionally, this page can redirect visitors to other (likely untrustworthy/malicious) sites. Users typically enter pages like found
Authenticinspect[.]com is a rogue webpage that our researchers discovered during a routine investigation of untrustworthy sites. This page runs scams, promotes spam browser notifications, and redirects visitors to other (likely unreliable/malicious) websites. Most users enter webpages like authen
BraDex is a banking malware targeting Android operating systems. This malicious program aims to gain access to victims' bank accounts and make fraudulent transactions. At the time of writing, BrasDex targets Brazilian banking applications exclusively. In previous BrasDex campaigns, it infiltrated
While examining foundedcontrol[.]com, we found that it uses deceptive marketing to promote legitimate antivirus software. Foundedcontrol[.]com runs the "McAfee - Your PC is infected with 5 viruses!" scam. It also asks for permission to send notifications. It is recommended to ignore this page.
Pcworksscanner[.]com is a shady website that displays fake/deceptive messages to trick visitors into believing that their computers are infected. It runs the "McAfee - Your PC is infected with 5 viruses!" scam. Also, pcworksscanner[.]com asks for permission to show notifications. Our team discover
During a routine inspection of suspicious websites, our researchers found one promoting the Audio Finder browser extension. It is presented as a tool capable of detecting the source of audio on any webpage and then making it available for download. However, our inspection of this extension reveale
While checking the VirusTotal page for recently submitted malware samples, we discovered an information stealer called PureLogs. Cybercriminals use malware of this type to steal sensitive data that can be monetized in one way or another. Typically, information-stealing malware runs silently in the
Spin2wincash[.]xyz is a rogue webpage that our researchers encountered while investigating suspicious sites. After inspecting this page, we determined that it is designed to promote scams and browser notification spam. It can also redirect visitors to other (likely untrustworthy/harmful) websites.