Jokdach is ransomware, a type of malware designed to encrypt files on the infected device. Our discovery of Jokdach occured while analysing malware samples uploaded to VirusTotal. In addition to encrypting files, Jokdach appends its extension (".jokdach") to files and generates a ransom note ("!!!
Our team has reviewed the email and concluded that it is a sextortion scam. Its purpose is to trick recipients into believing that their computers have been compromised and paying a ransom. All claims made in this scam email are untrue. Recipients should ignore this message. The email clai
Our analysis shows that the site is a scam featuring a fake Windows Defender alert. It is crafted to trick visitors into believing that there is an issue with their computers and calling a number operated by fraudsters. This type of fraud is called a tech support scam and should be ignored and avo
We have inspected the site and discovered that it is a scam involving a fake Facebook alert. The goal is to deceive unsuspecting visitors into calling the provided number (contacting scammers). Such deceptive schemes are known as technical support scams. They should be avoided and ignored.
Olymp Loader is a Malware‑as‑a‑Service sold on underground forums and Telegram. The developer claims it is written in assembly and advertises it as FUD (Fully Undetectable). The loader is priced at $50 (basic), $100 (tweaked), and $200 (with custom code and injection into legitimate programs).
Our team has reviewed the page (microbiodao[.]com) and found that it is designed to trick visitors into "participating" in a fake airdrop (a cryptocurrency giveaway). Moreover, the site mimics the original Microbiome DAO platform (microbiomedao.com). Its purpose is to drain crypto wallets. I
While investigating suspicious websites, our research team discovered the verifytechclusterssecure.co[.]in rogue page. It operates by promoting browser notification spam and redirecting visitors to different (likely unreliable/hazardous) sites. Most users enter verifytechclusterssecure.co[.]in and
Loapneme.co[.]in is a rogue webpage discovered by our researchers during a routine inspection of untrustworthy sites. This page promotes browser notification spam and generates redirects to other (likely unreliable/harmful) websites. Most visitors to loapneme.co[.]in and similar webpages access th
Our researchers discovered this fake "Goat Network" airdrop while inspecting dubious websites. The scam lures users with a bogus rewards program into exposing their cryptowallets to a cryptocurrency drainer. It must be emphasized that this fraudulent airdrop is not associated with the actual GOAT
Datzbro is a malware classed as a banking trojan. This malicious program is designed to infect Android devices. It has many harmful capabilities, including those associated with remote access/control, spying, and financial fraud. Datzbro's code suggests that its developers were Chinese speakers.