"Nico International Email Virus" refers to a spam email campaign designed to proliferate the Agent Tesla RAT (Remote Access Trojan). The term "spam campaign" is used to define a large-scale operation, during which thousands of deceptive emails are sent. The messages distributed through this spam
In most cases, cyber criminals behind malspam campaigns disguise their messages as official and important, and sent from legitimate companies and organizations. Their main goal is to trick recipients into opening a malicious file attached to the email (or that can be downloaded through a link in t
connection-protect[.]com is a deceptive website, which promotes various scams. It has been observed promoting schemes that target Apple product users, primarily mobile device users. At the time of research, the scam run on connection-protect[.]com claimed that visitors' devices may have been com
Anubis is malware classified as an information stealer. It can be purchased on a hacker forum (starting from US$100). Cyber criminals can use it to steal cryptocurrency wallets, and information such as browsing cookies and passwords saved on browsers, and credit card details. Therefore, if there
StreamBrosSearch is rogue software classified as a browser hijacker. Following successful infiltration, it makes changes to browser settings to promote streambrossearch.com (a fake search engine). Additionally, StreamBrosSearch monitors users' browsing habits. Due to the dubious tactics employed
Discovered by JAMESWT, ViluciWare is designed to encrypt files, modify their filenames and prevent victims from using the computer (operating system) by locking the screen. In this way, ViluciWare functions as ransomware and a screenlocker. Research shows that it renames encrypted files by appendi
FDFK22 belongs to the Matrix ransomware family. Like other malicious programs of this type, FDFK22 is designed to prevent victims from accessing their files by encryption. It renames all encrypted files by replacing filenames with the FridaFarko@yahoo.com email address, a string of random characte
OperativeDevice is dubious software categorized as adware. It also has browser hijacker traits. It operates by delivering intrusive advertisement campaigns and making alterations to browser settings to promote fake search engines. OperativeDevice promotes 0yrvtrh.com and the search.adjustablesam
SkilledOrigin is a potentially unwanted application (PUA), which serves advertisements and collects sensitive information. SkilledOrigin is categorized as a PUA, since users often download and install this type of adware inadvertently. Note that this app might also be designed to promote a fake
The WinkiSearch browser hijacker promotes winki-search.com (a fake search engine) by changing certain browser settings. It also gathers browsing-related information. Note that users often download and install browser hijackers inadvertently and, for this reason, they are classified as potentially