Overlord is a Remote Access Trojan (RAT) written in the Go programming language. It targets both Windows and macOS systems, with first detections recorded in South Korea. On macOS, Overlord can establish a persistent connection to an attacker-controlled server, capture keyboard and mouse input,
Our analysis of app.sparkfi[.]guru revealed a fraudulent page impersonating the legitimate Spark platform. It promotes a fake voting rewards event, claiming the first 1,000 voters will receive an "Assets Boost." In reality, the site is a cryptocurrency drainer - connecting a wallet triggers an aut
During our examination of the jito-network[.]vip site, we found that this page promotes a fake Jito Staked SOL ($JITOSOL) airdrop. Further analysis revealed that it is a fraudulent page designed to steal cryptocurrency from visitors by tricking them into connecting their digital wallets. IMP
We have analyzed the message and found that it is designed to steal personal information. Emails of this type are classified as phishing attempts. This particular scam email is designed to look like a message from an email service provider. It provides a link to a fake website to trick recipients
Our team has determined that this is a phishing attempt disguised as an important notification from an email service provider. It is designed to trick recipients into believing that they need to take certain actions to avoid potential issues with their email accounts. The goal is to steal personal
Dominus is ransomware discovered by our researchers during a routine inspection of new submissions to the VirusTotal website. It encrypts files on the victim's computer and demands payment in exchange for decryption. Dominus also claims to steal sensitive data before encryption, threatening to pub
We have inspected this email and concluded it is malspam. The message impersonates the Internal Revenue Service (IRS), falsely claiming that official tax documents are available for secure download. The link inside leads to a fraudulent website that delivers a remote access trojan disguised as an
Our examination has revealed that it is a scam email designed to appear as a message from an email service provider's customer support. It urges recipients to use the provided link to resolve the "occurred" issue. Its purpose is to deceive recipients into opening a fake page and disclosing persona
We have inspected the message and concluded that it is a phishing attempt. The email is presented as an internal security update notification. It contains a link to a fake website designed to extract personal information. Scammers use it to gain access to email and possibly other accounts.
We have reviewed the scam and determined that it involves a fake pop-up message posing as a security warning. The scammers behind this deceptive message seek to trick unsuspecting users into following the provided instructions. Falling for such scams can result in data theft, monetary loss, or oth