After inspecting the "Hydro Group Purchase Order" email, we determined that it is malspam – spam proliferating malware. The fake letter is presented as a purchase order from Hydro Group, and it must be emphasized that this legitimate company is in no way associated with this spam. The file attache
While inspecting this letter, we discovered that it is a phishing email masquerading as a letter regarding a quotation of goods. Scammers behind this email aim to trick recipients into providing personal information via the attached HTML file. Recipients should ignore this letter. The emai
We reviewed datinguniversezone[.]top and found that it is an untrustworthy website designed to lure visitors into permitting it to send notifications. Additionally, datinguniversezone[.]top may redirect visitors to other unreliable pages. We discovered datinguniversezone[.]top while examining othe
After reviewing this letter, we concluded that it is a scam email (a phishing letter) designed to lure recipients into providing sensitive information. It contains an attachment that opens a phishing website. This letter is disguised as an email regarding a new project proposal from a travel compa
After downloading and testing RefreshMate, we found that it is a browser extension that shows annoying advertisements. Therefore, we classified RefreshMate as adware. Typically, users download apps of this kind from unreliable sources and (or) unintentionally. RefreshMate is advertised as
Theaddinshop[.]com is a rogue page we discovered while reviewing suspicious websites. It is designed to push browser notification spam and redirect visitors to other (likely untrustworthy/harmful) sites. Users primarily enter webpages akin to theaddinshop[.]com through redirects caused by sites u
While investigating questionable websites, our research team found the ruffcensaop[.]xyz rogue page. It operates by promoting spam browser notifications and redirecting visitors to other (likely unreliable/harmful) sites. Users typically enter webpages like ruffcensaop[.]xyz via redirects caused
Our researchers discovered the Sport Engine browser extension while investigating scam sites. This piece of software supposedly allows users to customize their new browser tabs with sports-related backgrounds. However, our analysis revealed that it operates as a browser hijacker. Sport Engine mod
"Apple iPhone 14 Winner" is a scam promoted on deceptive websites. There are multiple variants of this scheme. The common theme is that the user has won an iPhone 14 or they are offered a chance to win the smartphone. It must be stressed that these claims are fake and they are not associated with
During an examination of malware samples submitted to VirusTotal, we discovered a new Key Group ransomware variant dubbed ExilenceTG. We found that ExilenceTG encrypts files, appends the ".exilenceTG" extension to filenames, and creates a text file ("cyber.txt"). An example of how ExilenceTG rena