"COVID 19 HELP DESK" is the subject of a scam email designed to proliferate the Agent Tesla Remote Access Trojan (RAT). This message attempts to exploit the Coronavirus/COVID-19 pandemic, claiming that the recipient has been chosen to receive a large sum of money from The World Health Organizatio
ProgressSite is designed to serve advertisements, promote the Safe Finder web page via akamaihd.net, and collect sensitive information. Commonly, users download and install adware such as ProgressSite inadvertently. Therefore, these apps are categorized as potentially unwanted applications (PUAs
A popular way to spread malware is by sending emails that contain malicious attachments and/or website links that download rogue files. In most cases, these emails are disguised as important, official messages from well-known companies. In this case, the scam is disguised as a message from DHL re
Eject belongs to the Phobos ransomware family. It encrypts files, changes their filenames, displays a pop-up window and creates a text file. Eject renames encrypted files by adding the victim's ID, cynthia-it@protonmail.com email address and appending the ".eject" extension to their filenames. Fo
Discovered by dnwls0719, DOP is a malicious program that is part of the Dharma ransomware family. This malware operates by encrypting data so that ransom demands can be made for decryption tools/software. When DOP ransomware encrypts, all affected file are renamed following this pattern: original
As its name suggests, Orange Defender Antivirus is software that detects and eliminates computer viruses and other threats. In fact, this computer security program is distributed through the 'installers' of other programs. I.e., it is included into the set-ups as "additional offers". Programs tha
megaUp[.]net is a file hosting and sharing website, which allows users to upload, share, and manage their files. When a user uploads a file, megaUp[.]net creates a download package and link. In this way, it prepares a file for sharing with others, however, megaUp[.]net also includes additional com
As its name suggests, ISR Stealer (also known as ISRStealer) steals sensitive information by logging keystrokes. There are many legitimate keyloggers online, however, even legitimate sites can be used for malicious intent. I.e., for stealing passwords and other confidential information. Research
LOCK belongs to the Xorist ransomware family. Like most programs of this type, it prevents victims from accessing their files by encryption. LOCK also renames every encrypted file by appending the ".LOCK" extension to its filename. For example, it renames "1.jpg" to "1.jpg.LOCK", "2.jpg" to "2.jpg
Targeting Android users, Anubis is malicious software classified as a banking Trojan. This malware attempts to steal banking information and can lead to victims' experiencing financial loss, privacy issues and other serious problems. Anubis has been observed being proliferated via deceptive/scam