PDFSIDER is malware that, once infiltrated, operates as a backdoor. It bypasses security tools by using a fake file that looks legitimate. The technique PDFSIDER uses is called DLL side-loading. Once inside, collects information about the system and allows cybercriminals to run commands remotely.
We have inspected rabagoweame[.]com and discovered that it uses a misleading technique to trick visitors into accepting its notifications. Once the site is allowed to show notifications, it can bombard users with fake alerts, offers, and similar content. Overall, users should not trust rabagoweame
Statizatod[.]com is a rogue webpage that promotes browser notification spam and generates redirects to various sites, which are likely untrustworthy or dangerous. Our researchers discovered this page while investigating websites that employ rogue advertising networks. In fact, most visitors to web
While investigating dubious websites, our research team discovered the axischainedge[.]com rogue page. Upon examination, we determined that it operates by promoting browser notification spam and redirecting visitors to different (likely untrustworthy/malicious) sites. Most users access axischained
Our researchers discovered the "Critical Security Alert" scam while inspecting spam emails. This is an affiliate scam that aims to deceive users into downloading or purchasing software by claiming their phones are infected and that their private data is being sent to unknown servers. When
"CrashFix" refers to a social engineering technique intended to infect systems with malware. It is facilitated by a malicious browser extension that crashes the victim's browser and provides fake steps to fix the issue. By following these steps, the victim executes a malicious command on their dev
Happy is a ransomware-type program discovered by our researchers during a routine inspection of new submissions to the VirusTotal website. This malicious program belongs to the MedusaLocker ransomware family. After we executed a sample of malware on our test system, it encrypted files and added a
Evelyn is an information stealer designed to avoid security analysis while it gathers data. The malware can pilfer data such as saved browser passwords, clipboard contents, Wi‑Fi credentials, cryptocurrency wallets, and other information. All stolen information is then sent to the threat actor's c
Our researchers discovered the Lab malicious program while browsing new file submissions to the VirusTotal website. This software is part of the Makop ransomware family. On our test machine, Lab ransomware encrypted files and changed their filenames. Original filenames were appended with a unique
EndRAT is malware that spreads through phishing links designed to look like legitimate advertisements. It is classified as a remote access trojan (RAT) that allows attackers to remotely control infected systems, execute commands, and carry out other malicious activities. If detected on a device, E