After analyzing this "FedEx Corporation" email, we determined that it is malspam. These letters are presented as reports from the FedEx Corporation regarding a shipment. However, their attachments are infectious and will begin downloading/installing malware upon being opened. It must be emphasize
PickGrid is an advertising-supported application that generates annoying/intrusive advertisements. Our team discovered this app after executing a fake installer downloaded from a shady website claiming that the installed version of Adobe Flash Player is out of date. PickGrid is not a trustworthy
Yoursafeguardshield[.]com is a rogue page that runs scams, promotes spam browser notifications, and causes redirects (most likely to untrustworthy/malicious websites). Our researchers discovered this webpage while inspecting sites that use rogue advertising networks. It is noteworthy that the red
While analyzing an email containing a malicious attachment, we discovered that the threat actors behind Qakbot (also known as QBot) use a DLL hijacking method to distribute malware. They are abusing the Windows 7 Calculator application in their attacks. Currently, Qakbot is known to be used as a d
Our inspection of the "Meeting Reminder" email revealed that it is spam. This letter operates as a phishing scam targeting email account log-in credentials. By making fake claims about an important document having been shared with the recipients - this scam attempts to trick them into disclosing t
DUCKTAIL is the name of a malicious program designed to steal Facebook Business accounts. The observed attacks have been highly targeted. Research by WithSecure Intelligence suggests that this malware has been around since 2021 and is associated with Vietnamese cyber criminals. At the time of wri
Saarmlife[.]ru is an untrustworthy website designed to trick visitors into clicking the "Allow" button. The purpose of this site is to obtain permission to show notifications and redirect visitors to other shady pages. We discovered saarmlife[.]ru while inspecting pages that use rogue advertising
Our research team discovered the ModuleView rogue app while inspecting new submissions to VirusTotal. Our analysis of this piece of software revealed that it is adware. Additionally, ModuleView belongs to the AdLoad malware family. Advertising-supported software (adware) displays adverti
After downloading and installing the IndexerClient application, we found that it has specifications of adware - it displays annoying advertisements. We discovered IndexerClient on a deceptive website claiming that Adobe Flash Player needs to be updated. It is worth mentioning that most users ins
While examining untrustworthy websites, our research team discovered the protectwatch[.]xyz page. It operates by promoting scams, pushing browser notification spam, and redirecting users to different (likely dubious or malicious) sites. Most visitors to protectwatch[.]xyz and webpages akin to it