"Device Locked Due To Access To Illegal Content" is a multilingual scam claiming that users' devices have been blocked due to repeated access to online resources containing illegal pornographic content. The goal is to deceive victims into paying a bogus fine – sending money to scammers. It must be
BAGAJAI is a ransomware-type program discovered by our researchers while reviewing new submissions to the VirusTotal website. This malicious program is part of the MedusaLocker ransomware family. Malware within this classification operates by encrypting data in order to demand a ransom for decrypt
PROMPTSTEAL is a malicious program designed to steal information. It is written in the Python programming language. This data miner is a novel malware that utilizes generative AI to create malicious commands during execution. PROMPTSTEAL has been used by FROZENLAKE (also known as APT28) – a threa
We have examined upectaevie[.]com and determined that it uses clickbait to trick visitors into consenting to receive its notifications. Once this permission is given, upectaevie[.]com starts showing bogus warnings and other deceptive notifications. The purpose of upectaevie[.]com is to promote oth
Fantasy Hub is a Remote Access Trojan (RAT) targeting Android devices. The malware is sold as Malware-as-a-Service and is capable of controlling infected devices, exfiltrating messages, contacts, and media, and intercepting or manipulating incoming notifications. Fantasy Hub should be removed from
Our team has checked antombly.co[.]in and found that it uses a misleading technique (known as clickbait) to trick visitors into granting it permission to send notifications. If the site obtains this permission, it can show fake warnings and other deceptive messages to promote other unsafe pages.
Our inspection has revealed that SpaceSix is an unwanted application, as it has been flagged as malicious by multiple security vendors. Also, the app has no clear functionality. Installing SpaceSix on devices can lead to privacy and security risks. Thus, users are advised to avoid this and similar
During an examination of malware samples uploaded to VirusTotal, we discovered Phantom, a ransomware developed using an open-source ransomware project known as Hidden Tear. Once executed, Phantom encrypts files and appends its extension (".Phantom") to files. For instance, it renames "1.jpg" to "1
Our analysis has revealed that this website (gigglepartners[.]xyz) is a copy of the GiggleFund web page (giggletoken.com). The purpose of this fake page is to steal cryptocurrency from victims. Like most scams of this type, it offers free cryptocurrency as a lure. Users should avoid interacting wi
While browsing dubious websites, our research team found the SecurePass PUA (Potentially Unwanted Application). It is presented as a tool capable of creating secure passwords and checking their strength. Unwanted apps are distributed using questionable or downright deceptive methods, and they ofte