LockBeast is ransomware that we discovered during our routine examination of malware samples uploaded to VirusTotal. Our analysis shows that LockBeast encrypts data, appends the victim's ID and ".lockbeast" extension to files, and provides a ransom note ("README.TXT"). Here is an illustration of
We have examined the email and found it is a deceptive message disguised as a Social Security account update notification. It contains a link designed to download an installer that security vendors flag as malicious. Falling for this scam can cause security and privacy issues. This scam em
Ermac 3.0 is Android malware targeting over 700 financial, shopping, and cryptocurrency applications. It is distributed using a Malware-as-a-Service model. It can cause issues like identity theft and financial loss. If the malware is detected on a device, it should be eliminated immediately.
While investigating suspicious sites, our research team found this fake "Littleguy" airdrop. Instead of distributing this coin, the scam aims to trick users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this fraudulent airdrop is not associated with an
Our inspection of this "Expiration Notification" email revealed that it is spam. This message claims that the recipient's email account password will expire in 24 hours. The risk of failing to update the log-in credentials is the permanent deactivation of the account. The goal of this phishing mai
"E-mail Administrator" is a spam email that, upon inspection, we determined to be a phishing scam. This message informs the recipient about undelivered emails and urges them to resolve the issue. The spam campaign aims to obtain email account log-in credentials (passwords). The spam email
PS1Bot is the name of a malicious software that is essentially a multi-stage malware framework. It is a modular malware that utilizes various modules to perform malicious activities on infected devices. PS1Bot has been used to ensure persistence on systems, gather sensitive data, and carry out ot
Our team has examined the page (memesprotocol[.]net) and found that it runs a crypto scam. It imitates the original Memes Protocol platform (memesprotocol.xyz) to deceive visitors into taking actions that allow scammers to steal their cryptocurrency. This deceptive site should not be trusted.
We analyzed the email and determined it is a fake message pretending to be from DHL. Its goal is to trick recipients into clicking the link and providing personal information. This type of scam is called phishing, and recognizing (and ignoring) such emails prevents potential risks. The sca
While browsing suspicious sites, our research team found the inigrattic[.]com rogue webpage. It operates by promoting browser notifications spam and redirecting visitors to other (likely dubious/dangerous) sites. Inigrattic[.]com and pages akin to it are primarily accessed via redirects generated