Exo Stealer is an information stealer, a type of malware designed to extract sensitive data from infected devices. Once active, it transmits stolen data to cybercriminals, who can then misuse it for malicious purposes. Usually, malware of this type targets login credentials, financial details, and
After inspecting the "You're Added To A New Group" email, we determined that it is spam. It is presented as an alert about the recipient being added to a workgroup. This is a phishing campaign that seeks to obtain victims' email account log-in credentials. The spam email with the subject "
While inspecting dubious websites, our researchers found the StealthBrowse PUA (Potentially Unwanted Application). It is endorsed as a browser that emphasizes privacy. However, unwanted apps tend to have harmful abilities, often those that endanger user privacy. Potentially unwanted applic
During a routine investigation of untrustworthy websites, our research team discovered the SafeMail PUA (Potentially Unwanted Application). This app is promoted as a tool for checking the validity and reputation of email addresses. However, the promised functionality is not operational. PUAs ofte
Our examination of the email has revealed that it is a phishing attempt. Emails of this kind are usually created to steal personal information from recipients. They are designed to appear important and urgent to trick recipients. This particular scam email is disguised as a security notification.
PrivateBrowsing is promoted as a tool offering secure and anonymous web browsing. Although it is not inherently malicious, it may be distributed through dubious means, like being bundled with unwanted software or hosted on unreliable websites. As a result, we categorize PrivateBrowsing as a potent
Our researchers discovered the vfirewall[.]pro rogue page while investigating suspect websites. After examining this webpage, we learned that it endorses browser notification spam and generates redirects to other (likely unreliable/harmful) sites. Most visitors to vfirewall[.]pro and analogous pa
We have analyzed irlitathal[.]com and concluded that this is a deceptive page designed to obtain permission to show notifications. Once it is allowed to send these notifications, it bombards users with fake warnings and other messages. Therefore, irlitathal[.]com and similar web pages should be av
After examining this "Mailbox Issue Identified" email, we learned that it is spam. It falsely claims that the recipient may experience service interruptions due to an unresolved mailbox error. The goal is to lure victims into visiting a phishing site that targets email log-in credentials (password
Tianrui is a ransomware-type virus discovered by our researchers during a routine inspection of new submissions to the VirusTotal site. This malicious program is identical to other ransomware, including Hush, MoneyIsTime, and Boramae. Ransomware encrypts data and demands payment for the decryption