We have discovered an information-stealing malware called BlackGuard while browsing various hacker forums. This piece of malware is written in the C# programming language. Its monthly subscription costs $200. It also can be purchased by making a $700 one-time payment. The purpose of BlackGuard is
After inspecting this "BNP PARIBAS" email, we determined that it is spam. While it is presented as a message from the BNP Paribas international banking group, this email is fake and in no way associated with said bank. This spam letter targets Polish-speaking users and attempts to trick them into
Our team has examined this email and found that scammers behind it pretend to be representatives of the Navy Federal Credit Union, a legitimate credit union. It was concluded that this is a typical phishing campaign. Scammers behind it have one goal - to trick recipients into clicking the provided
Our team has discovered the Vlff ransomware while examining malware samples submitted to VirusTotal. It was found that Vlff is one of the variants belonging to the Djvu ransomware family. It encrypts data, renames files by appending the ".vlff" extension to their filenames, and generates a ransom
Scammers often use fake giveaways to trick people into transferring cryptocurrency to them. They impersonate famous personalities (or companies) and offer to match or sometimes even double any crypto sent to their account. Our article is about scammers who use fake Twitter accounts supposedly belo
Tail DS is the name of a browser extension. After analyzing this piece of software, our researchers found that it exhibits the behavior of a browser hijacker. Tail DS modifies browser settings to cause redirects to the tailsearch.com illegitimate search engine. Additionally, this extension spies o
ComputingInteractive is a rogue app our researchers discovered while looking through new submissions to VirusTotal. After analyzing it, we determined that this application operates as adware and is part of the AdLoad malware family. It is noteworthy that advertising-supported software ma
Our research team discovered the poopholiredgeng[.]com webpage during a routine inspection of rogue websites. This page is designed to push browser notification spam and redirect visitors to other (likely untrustworthy or malicious) sites. Webpages like poopholiredgeng[.]com are usually accessed
Our team has become aware of this email after receiving it to our inbox. After analyzing it, we learned that it is a phishing email purporting to be from WeTransfer. Scammers behind it attempt to trick recipients into clicking the provided link and entering their login credentials on a fake WeTran
Discovered on the 14th of March, 2022 - CaddyWiper is a piece of malicious software designed to wipe the data stored on infected devices. The observed geopolitically-motivated attacks targeted specific Ukrainian organizations; these infections are evidently a cyber element of the war in Ukraine.