During a routine inspection of rogue websites, our research team discovered the financesurvey24[.]space site. This page loads dubious content, promotes browser notification spam, and redirects visitors to other unreliable/harmful webpages. Most users access sites like financesurvey24[.]space via r
We have discovered the remain dark browser extension while examining deceptive websites. After downloading and testing the app, we learned that it hijacks a web browser by changing certain settings to 87nzaa.com (a fake search engine). It is advertised as an app providing a dark mode for web brows
TargetCompany is a ransomware-type program that we have analyzed and researched. It is leveraged against companies rather than home users. We have also analyzed the following programs that belong to this ransomware family - Architek, Mallox, Tohnichi, Herrco, and Newexploit. This ransomware appen
The "Your eMail account will be disconnected" email is a new find by our research team. Having inspected this letter, we determined that it is a phishing email. It targets recipients' email credentials with false claims about their accounts' impending suspension. The spam email with the su
We have examined this email and concluded that scammers behind it attempt to trick recipients into providing their email account login credentials. Scammers disguised the email as a letter regarding email account deactivation/request for account deactivation. The email claims that the reci
UpdaterWebPageEducate is an adware-type app that our researchers found when inspecting new submissions to VirusTotal. We have determined that this piece of software belongs to the AdLoad malware family. Once installed onto our test machine, UpdaterWebPageEducate began running intrusive a
After analyzing the "Web Access for the 2022 version" email, our researchers determined that it is a phishing scam. This letter attempts to trick recipients into providing their email account log-in credentials to a phishing website, thereby allowing the scammers access/control over the account.
Our team has discovered the ZOZL ransomware while analyzing the samples submitted to VirusTotal. Our key findings are that ZOZL is part of the Phobos ransomware family and encrypts files, generates two ransom notes ("info.hta" and "info.txt"), and renames files. An example of how ZOZL renames fil
We have discovered the PowerLane application while visiting download pages for cracked software and pages displaying fake pop-ups. After examining PowerLane, we found that it is an advertising-supported application that can read browsing history and sensitive information from websites. A
Discovered by our team while researching deceptive websites, Shopping Guide is an adware-type browser extension. It promises to allow quick access to "the most popular e-commerce company". However, this extension delivers intrusive advertisement campaigns instead. After being successfully