During our examination of prowimoniser[.]com, we discovered that its objective is to deceive visitors into consenting to receive notifications and redirect them to other deceptive websites. The site employs misleading content to obtain permission to send notifications. Our team encountered prowimo
During the testing phase of the TokenCollective application, our team noticed that it exhibits invasive ads. Consequently, we categorized TokenCollective as adware. Adware is typically promoted and disseminated through dubious means, often leading to unintended downloads and installations by use
Our research team discovered CryptoTorLocker while investigating new malware submissions to VirusTotal. This malicious program is a variant of the CryptoLocker ransomware. Software within the ransomware classification encrypts data and demands payment for its decryption. After we executed a sampl
Lntriguingdate[.]com is a rogue page that we discovered while checking out untrustworthy websites. It is designed to load dubious content and promote browser notification spam. Furthermore, this webpage can redirect visitors to other (likely dubious/malicious) sites. Most users access pages like
Our team has examined searchontec.com and learned that it is a shady search engine that may provide questionable search results. Another issue with search engines of this kind is that a big part of them is promoted via browser hijackers. It is common for browser-hijacking apps to be promoted and d
Quick access to Chat GPT is the name of a fake Chrome extension designed to steal Facebook accounts. Although most of the targeted accounts are used for business/advertising, regular users are also at risk. It is being advertised on Facebook-sponsored posts as a tool allowing users to quickly acce
After examining this letter, we concluded that it is a fake letter from DHL - a legitimate logistics company providing courier, package delivery, and express mail service. Cybercriminals behind this email aim to trick recipients into infecting their computers with malware via the attached archive
Valyria is a detection name used by many security vendors. Files of various formats, including (but not limited to) malicious Microsoft Office documents, VBS, JavaScript, EXE, and others – can be detected as "Valyria". Typically, this detection indicates that the file is a dropper. These types of
After inspecting the "Payment Via ATM Visa Card Will Be Shipped" email, we determined that it is spam. This fake letter is presented as a missive from the "Executive Office of the President United States American" (mistyped the same in the original) and even the 46th president of the USA – Joe Bid
DrWeb is ransomware belonging to the Xorist family. Our malware researchers discovered DrWeb during an analysis of malware samples submitted to the VirusTotal website. DrWeb encrypts files, appends the ".DrWeb" extension to filenames, displays an error pop-up window and creates the "КАК РАСШИФРОВА