Our inspection shows that osx-protect.co[.]in is one of the many deceptive pages designed to trick visitors into granting them permission to show notifications. If this permission is given, sites like osx-protect.co[.]in can bombard users with annoying and often misleading offers, warnings, alerts
Vatican is the name of a malicious program classed as ransomware. This type of malware is designed to encrypt data and demand payment for the decryption. After we executed Vatican ransomware on our testing system, it encrypted files and appended their names with a ".POPE" extension. For example,
We have inspected the email and found that it is a fraudulent message regarding the recipient's mailbox storage. It uses urgent language to trick recipients into taking immediate action. The goal is to steal personal information through a fake website. Scams of this type are classified as phishing
SilentRoute is a Trojan that disguises itself as legitimate software to trick users into launching it. Once active, it collects sensitive information and sends it to a remote server. It is designed to look harmless but operates in the background to steal data without the user’s knowledge. If detec
We have examined the malware (which we discovered while inspecting malware samples submitted to VirusTotal) and found that it is ransomware belonging to the Dharma family. Upon execution, Kyj encrypts files and appends the victim's ID, an email address, and the ".kyj" extension to them. It also pr
Our analysis shows that this is a phishing email posing as a notification regarding a purchase agreement contract. This deceptive email includes a link to a fake website designed to steal personal information. Falling for this scam can lead to issues like account hijacking, identity theft, and oth
We have reviewed this email and concluded that it is a fake notification from DHL. The scammers behind this scam email aim to trick recipients into believing that they received a message regarding an expected "shipment document" and opening a fake website. Their ultimate goal is to steal personal
CryptoBot is information-stealing malware targeting macOS. It is written in the Go programming language, and its main goal is to search the infected computer for files related to cryptocurrency, such as wallet data or keys, and steal them. CryptoBot should be removed from infected computers as s
While investigating file submissions to the VirusTotal platform, our research team discovered the NetworkFormat rogue application. After inspecting this app, we determined that it is advertising-supported software (adware) from the AdLoad malware family. In most cases, adware operates by
This "Leave Request Form" message is a phishing email. The spam message claims that HR has shared a leave request form with the recipient. The goal of this scam is to deceive victims into revealing their email account log-in credentials to a phishing website. This spam email claims to be a