Our researchers found the cvgdownthe[.]xyz rogue page during a routine inspection of suspicious websites. This site employs fake CAPTCHA verification to deceive visitors into enabling it to deliver spam browser notifications. Additionally, it can redirect users to different (likely unreliable/mali
While investigating dubious websites, our research team discovered the Shopping Pal browser extension. It promises easy access to exclusive deals straight from the Google search engine. However, our inspection of the Shopping Pal extension revealed that it is adware. Adware stands for adve
After inspecting the "Investment Into Building Homes For Orphans" email, we determined that it is spam. The letters belonging to this campaign use a scam model in which the recipients are promised exorbitant amounts of money. This spam mail aims to extract personally identifiable information and m
While examining malware samples submitted to VirusTotal, our team discovered a ransomware variant belonging to the Phobos family dubbed Unknown. This ransomware encrypts files and modifies their filenames, and provides two ransom notes (creates "info.hta" and "info.txt" files). Unknown ransomware
Creal is a stealer-type malware written in the Python programming language. Malicious programs within this classification are created for the purpose of stealing sensitive information. Creal targets log-in credentials, data related to messaging software, cryptocurrency wallets, and other vulnerabl
While examining pages that use rogue advertising networks, we discovered yournicejournal[.]com. This website uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, yournicejournal[.]com redirects to other websites. Thus, this page should not be trusted/visited.
PY#RATION is a Python-based malware that shows characteristics of remote access trojan (RAT). It is capable of remotely controlling infected computers and maintaining persistence. PY#RATION has a variety of features, including data exfiltration and keylogging. PY#RATION has the ability to
Our researchers discovered the chaeffulace[.]com rogue page while checking out dubious websites. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/malicious) sites. Most users access webpages like chaeffulace[.]com via redirects caused by site
Our inspection of the "Payment Remittance Advice" email revealed that it is spam. This letter is disguised as a message regarding a resolved payment, the details of which are supposedly in the attachment. However, the malicious file is designed to infect recipients' devices with malware. T
We have analyzed this letter and found that it is a phishing email. It is written by fraudsters who attempt to extract personal information from unsuspecting recipients. This email is disguised as a letter from the accounting manager of the Colodyne Technology company. It has a fake invoice attach