We have discovered the myauto[.]site website while inspecting other pages that use rogue advertising networks. Myauto[.]site asks for permission to show notifications (it uses a clickbait technique to trick visitors into clicking the "Allow" button). Also, it redirects to an identical page.
We have examined this email and concluded that it is used to steal credentials. It contains an attachment designed to open a page asking to provide email, phone or Skype, and password. This site is disguised as a letter from The Salvation Army, an evangelical protestant Christian church in Austral
After inspecting the "Email Shutdown In Progress" email, we determined that it is spam. This fake letter threatens that the recipient's email account is pending deactivation. The goal of this mail is to trick users onto providing their email account's log-in credentials to a phishing website.
Japan is the name of a malicious program that our researchers found while inspecting new malware submissions to VirusTotal. We determined that the Japan program is ransomware. After launching a sample on our test machine, we learned that it encrypts files and appends their filenames with a ".japa
Takecontent[.]net is a deceptive website designed to trick visitors into allowing it to show notifications. It also redirects to other untrustworthy pages. We have discovered takecontent[.]net while examining torrent sites, illegal movie streaming pages, and other pages that use shady advertising
We have examined di04[.]biz website and found that it asks for permission to show notifications and redirects to a scam page. It displays deceptive content to trick visitors into agreeing to receive notifications. Di04[.]biz was discovered while inspecting other pages that use rogue advertising ne
Titancrypt is ransomware that encrypts files (it encrypts only a few file formats) and appends the ".titancrypt" extension to filenames. Also, it creates a text file (a file named "___RECOVER__FILES__.titancrypt.txt") and displays a pop-up window. Both of them contain ransom notes. Titancrypt rans
Timetocheck[.]xyz is a rogue webpage that our research team discovered while inspecting questionable sites. This page is designed to push browser notification spam and redirect visitors to other (likely untrustworthy/malicious) websites. Most users access such webpages through redirects caused by
While inspecting dubious sites, our research team found the webdefencerequired[.]com rogue website. It operates by promoting deceptive material, pushing browser notification spam, and redirecting visitors to other (likely untrustworthy/malicious) pages. Visitors to sites like webdefencerequired[.
During a routine inspection of deceptive download sites, we discovered a rogue app called Weather. After analyzing this piece of software, we learned that it operates as adware. Furthermore, we noted that Weather is practically identical to Prime adware. Adware is designed to enable the pl