VileRAT is the name of a Remote Access Trojan (RAT) - malware that gives the attacker administrative control over a target computer. It is known that cybercriminals behind VileRAT are targeting foreign and cryptocurrency exchanges. This RAT is capable of executing remote commands, keylogging, and
Malware developers often use legitimate services to diminish the detectability of their creations, and VIPSpace is an example of this. The VIPSpace malware abuses the Discord messaging platform to proliferate its payloads. This malicious program serves as a backdoor for other malicious software t
While analyzing the advertisingvt[.]com website, we learned that it uses deception to trick visitors into allowing it to show notifications and redirects them to other untrustworthy pages. We discovered this site while inspecting pages that use rogue advertising networks. Typically, users end up o
After downloading Eye Protection from a shady website and adding it to a browser, we found that it is an extension designed to show unwanted advertisements. Software that generates ads is classified as adware. In addition to showing ads, Eye Protection can read and change all user's data on all we
Broworker1s[.]com is a rogue webpage that we discovered during a routine inspection of dubious sites. This page operates by promoting spam browser notifications and redirecting visitors to different (likely untrustworthy/malicious) websites. Most users enter pages of this kind via redirects caused
During a routine investigation of untrustworthy websites, our research team discovered the aspectsofc[.]hair rogue page. It is designed to load deceptive material, promote browser notification spam, and cause redirects to other (likely dubious/malicious) sites. Users typically access aspectsofc[.
After examining the 18plusvideos[.]me page, we found that its purpose is to get permission to show notifications. It uses a clickbait technique to trick visitors into granting that permission. Additionally, 18plusvideos[.]me can redirect visitors to a similar web page. Typically, visitors open suc
Basitrackone[.]space is a website that shows a deceptive message to trick visitors into allowing it to show notifications and redirects them to other websites. Our team discovered this site while inspecting pages that use rogue advertising networks. Like all the other pages of this type, basitrack
The Internet is rife with deceptive and malicious content. While inspecting untrustworthy websites, our research team found the buyfunllc[.]com rogue page. It promotes browser notification spam and redirects visitors to different (likely dubious/harmful) sites. Most users enter webpages like buyf
While looking through new submissions to VirusTotal, our researchers discovered the Colambia ransomware-type program. This piece of malicious software belongs to the ZEPPELIN ransomware family. Once we executed a sample of Colambia on our test machine, it began encrypting files and appended their