After inspecting the "Purchase Confirmation" email, we determined that it is spam. This letter is presented as a message regarding purchase confirmation. It supposedly contains relevant documentation; however, when the provided link is followed – it redirects to a phishing website that targets ema
While inspecting suspicious websites, our research team discovered a malicious setup promoting the "Abnormal Network Traffic On This Device" scam. It is noteworthy that the installer also endorsed the CovidDash browser hijacker, as well as a bunch of other questionable applications. After we exec
Simple tabs manager is a browser extension that we discovered while investigating untrustworthy sites. It is presented as a tool for managing browser tabs. However, our analysis revealed that Simple tabs manager operates as advertising-supported software (adware). Adware is designed to dis
DAAM is an Android botnet utilized to gain unauthorized access to targeted devices since 2021. Cybercriminals employ it to conduct various malicious operations. With the DAAM Android botnet, threat actors can bind harmful code with a genuine application using its APK binding service. The D
While investigating suspicious sites, our researchers discovered the Cloud Weather browser extension. It is promoted as a quick access tool to cloudy/sunny weather forecasts. Our analysis of this extension revealed that it operates as a browser hijacker. In other words, Cloud Weather modifies bro
After examining the Webb Telescope - New Tab application, we have determined that it is a browser extension designed to take control of web browsers (hijack them). By modifying browser settings, the extension imposes a fake search engine (webbtelescopenewtab.com) on users. Furthermore, Webb Telesc
We have examined this letter and determined that it is a scam email that aims to trick recipients into believing that they have been awarded a large sum of money. This is a common phishing scam, and recipients should not respond to such emails or provide any personal information. The email
Our research team discovered the CRYPTNET ransomware while inspecting new submissions to VirusTotal. Once we executed a sample of CRYPTNET on our test machine, it encrypted files and appended their filenames with an extension comprising five random characters. For example, on our system, a file i
Following an assessment of atinsolutions[.]com, it has been established that the website employs deceitful tactics by exhibiting a false message to coerce visitors into subscribing to notifications. Moreover, atinsolutions[.]com may redirect users to other dubious websites. Consequently, it is adv
Upon analyzing the Audio Player Plus application, our team observed that it exhibits intrusive advertisements. Applications that inundate users with ads are categorized as adware. We stumbled upon Audio Player Plus while scrutinizing a dubious website. It is not uncommon for adware to be promoted