D0glun is a ransomware-type virus. It aims to encrypt victims' files in order to demand ransoms for the decryption. On our test machine, D0glun encrypted files and altered their names. Initial filenames were appended with an extension following this pattern – ".@D0glun@[original_extension]"; e.g.
While investigating suspicious sites, we discovered a deceptive webpage promoting an installer containing "Corporate Monitoring Tool". The malicious extension could be used to alter the appearance/operation of browsers and to collect sensitive user data. This browser extension could infiltrate dev
LightSpy is a spyware-type program. It can carry out various spying and data-stealing activities. LightSpy has been around since at least 2020. This malware has been used in geopolitically motivated attacks and was proliferated through compromised/deceptive news websites documenting polarizing
InvisibleFerret is a Python-based backdoor malware associated with North Korean threat actors. Cybercriminals use it mainly for data theft and the injection of other tools for additional control. Victims of InvisibleFerret can experience issues like monetary loss, identity theft, and additional in
Our researchers discovered ChannelType while inspecting new submissions to the VirusTotal site. Upon examination, we determined that it is adware from the AdLoad malware family. Adware stands for advertising-supported software and operates by running intrusive advert campaigns. Typically
We have tested the SyncUpgrade application and found that it is designed to bombard users with intrusive and annoying advertisements. In addition to functioning as adware, SyncUpgrade may be capable of accessing personal information. Another reason not to install SyncUpgrade is that multiple sec
After inspecting this "American Express - Unrecognized Transaction" email, we determined that it is fake. The message claims the recipient must review a transaction to verify its legitimacy. The purpose of this spam mail is to promote a phishing website targeting account log-in credentials.
After investigating the scam, we determined that it is a bogus website impersonating the official Melania Trump Meme Coin page (melaniameme.com). The scammers behind this site seek to deceive unsuspecting individuals into performing actions that enable them to steal the cryptocurrency they have in
In our examination of the scam, we concluded that it involves multiple fake websites mimicking the official Trump Meme (gettrumpmemes.com) website. The scammers behind these fraudulent pages aim to lure unsuspecting individuals into taking actions that allow scammers to steal their cryptocurrency
Our inspection of the email has shown that it is a phishing email disguised as a letter from the Trust Wallet account team. The scammers behind it seek to steal personal information. They use a fake web page to trick users into disclosing specific details. Scam emails like this one should be ignor