We have examined this email and concluded that scammers behind it attempt to trick recipients into providing their email account login credentials. Scammers disguised the email as a letter regarding email account deactivation/request for account deactivation. The email claims that the reci
UpdaterWebPageEducate is an adware-type app that our researchers found when inspecting new submissions to VirusTotal. We have determined that this piece of software belongs to the AdLoad malware family. Once installed onto our test machine, UpdaterWebPageEducate began running intrusive a
After analyzing the "Web Access for the 2022 version" email, our researchers determined that it is a phishing scam. This letter attempts to trick recipients into providing their email account log-in credentials to a phishing website, thereby allowing the scammers access/control over the account.
Our team has discovered the ZOZL ransomware while analyzing the samples submitted to VirusTotal. Our key findings are that ZOZL is part of the Phobos ransomware family and encrypts files, generates two ransom notes ("info.hta" and "info.txt"), and renames files. An example of how ZOZL renames fil
We have discovered the PowerLane application while visiting download pages for cracked software and pages displaying fake pop-ups. After examining PowerLane, we found that it is an advertising-supported application that can read browsing history and sensitive information from websites. A
Discovered by our team while researching deceptive websites, Shopping Guide is an adware-type browser extension. It promises to allow quick access to "the most popular e-commerce company". However, this extension delivers intrusive advertisement campaigns instead. After being successfully
Goldline-updates[.]com is a rogue website promoting browser notification spam and capable of redirecting visitors to other untrustworthy/harmful pages. We discovered this site while researching pages that use rogue advertising networks. Redirects caused by such webpages - are also how most users
"YOUR GOOGLE HAS (4) CRITICAL VULNERABILITIES!" is a scam targeting Android users, which we discovered when researching rogue websites. The scheme claims that the site visitor's device is infected and will be blocked - unless they install a "Google Chrome" application. We identified the piece of
Our team has discovered this scam website while analyzing pages that use shady advertising networks. We have examined this page and concluded that it is disguised as a legitimate platform offering to synchronize cryptocurrency wallets with the blockchain. We also found that this site is flagged as
Medusa is the name of a banking trojan that we have researched and analyzed a sample obtained from VirusTotal. This malware targets Android operating systems; it enables remote access control over infected devices and can extract a wide variety of vulnerable data from them. Initially, Medusa was