While investigating suspicious websites, our research team discovered Focusio. This browser extension makes changes to browser settings in order to generate redirects to promoted sites. Additionally, Focusio spies on users' browsing activity. Due to this behavior, it is classified as a browser hij
Our research team found the Picture Downloader browser extension during a routine investigation of deceptive sites. This piece of software is promoted as a tool that improves Internet image searches and download processes. However, our examination revealed that Picture Downloader operates as adver
While examining suspicious websites, we encountered ztzguv[.]com, a site that employs a deceptive tactic to lure visitors into agreeing to receive its notifications. Also, ztzguv[.]com redirects users to similar websites. As a result, it is recommended that users avoid visiting ztzguv[.]com.
While inspecting untrustworthy websites, our research team discovered the Tally Tab browser extension. It is endorsed as a calculator widget for browsers. However, after analyzing Tally Tab, we determined that it is a browser hijacker. This extension modifies browsers to generate redirects.
While examining celeb-trends-blog[.]com, we noticed that this page displays deceptive messages to trick visitors into allowing it to show notifications. We also learned that celeb-trends-blog[.]com redirects visitors to other untrustworthy websites. Our team encountered celeb-trends-blog[.]com whi
RedEnergy is the name of an information stealer that employs a fake update campaign to target multiple industry sectors. This malicious software has the capability to extract information from different web browsers, allowing sensitive data to be stolen. Additionally, it incorporates various module
MachineDesktop is a rogue app that we discovered while investigating new submissions to the VirusTotal site. After inspecting this application, we determined that it is advertising-supported software (adware). Additionally, we learned that MachineDesktop belongs to the AdLoad malware family.
TriangleDB is a spyware-type program. It is designed to extract/record and exfiltrate vulnerable data from infected iPhone devices. TriangleDB has been observed being injected into devices by the Triangulation backdoor. This malware campaign is sophisticated; the infection is triggered without
Triangulation is the name of malware targeting iOS devices. It is part of a highly sophisticated campaign. Triangulation serves as a backdoor – a program that opens a "backdoor" for further infections. The malware can gather basic device/user data and download/install additional malicious compon
During our investigation of ooumoughtcall[.]com, we discovered that it is a deceptive website that presents a misleading message to entice visitors into consenting to receive notifications. Furthermore, ooumoughtcall[.]com can download a potentially harmful file. As a result, it is advisable to ex