CrySome is a remote access Trojan (RAT) that lets cybercriminals take control of an infected device. This RAT can steal files and passwords, spy on activity, and run commands remotely. What makes CrySome even more serious threat is that it can hide itself, disable antivirus software, and stay on t
CrystalX is a remote access Trojan (RAT) offered as MaaS (malware‑as‑a‑service) and promoted through Telegram. It is mainly used to steal information from infected devices and to control devices remotely, and it also has a prankware capability. If detected on a device, CrystalX should be removed a
BASANAI is ransomware from the MedusaLocker family. We discovered this ransomware while analyzing malware samples uploaded to VirusTotal. Once executed, BASANAI encrypts files and appends its extension (".BASANAI") to files. For instance, a file named "1.jpg" is renamed to "1.jpg.BASANAI", "2.png"
We have checked xicuritinon.co[.]in and discovered that it uses deception to get permission to send notifications. If users accept these notifications, they may encounter websites designed to steal information or other fraudulent content. Xicuritinon.co[.]in and similar pages should be ignored and
We have inspected rexameles[.]com is created to deceive users into enabling its notifications. Once permission is given, it may send misleading messages, deceptive offers, and other suspicious content that can redirect users to untrustworthy websites. It is best not to trust rexameles[.]com.
Nextgeeker.com is a search engine promoted through browser hijackers and unwanted applications. Using it can expose users to scams and other unwanted content. Thus, we classified nextgeeker.com as an unreliable search engine. Users should avoid using it and remove it (and any associated hijackers
Exitium is ransomware that our team has found while examining malware samples uploaded to VirusTotal. Once a device is infected with Exitium, the malware encrypts files and appends the ".exitium" extension. For instance, it renames "1.jpg" to "1.jpg.exitium" and "2.png" to "2.png.exitium". Also, E
Our analysis shows that forestrievic[.]com is designed to trick users into allowing notifications. After permission is granted, it may deliver misleading alerts, scam offers, and other dubious content aimed at directing users to untrustworthy websites. It is recommended to avoid trusting forestrie
Our findings indicate that omnitaro.co[.]in is used to mislead visitors into enabling its notifications. Once permission is given, the site can send deceptive alerts, fraudulent promotions, and other suspicious content that can lead users to unsafe websites. Users are advised not to trust omnitaro
We have inspected the email and found that it is written by scammers who seek to trick recipients into believing that they received a message (a "mail queue notification) from their email service provider. The purpose of this fraudulent message is to steal personal information through a fake websi