VerdaCrypt is a ransomware-type program found by our researchers during a routine inspection of new malware submissions to VirusTotal. Ransomware encrypts victims' data and demands payment for its decryption. After we executed a sample of VerdaCrypt on our test machine, it encrypted files and add
After inspecting this "iToken" presale – we determined that it is fake. When users attempt to take part in the presale event, they are deceived into disclosing private information through a bogus registration process. It must be emphasized that this scam is in no way associated with Apple Inc. or
After reading this "We Hacked Your System" email, we determined that it is spam, specifically – a sextortion scam email. This message threatens to leak an explicit video of the recipient to their contacts unless the blackmailer is paid. It must be emphasized that all the claims in this message are
Neptune is a Remote Access Trojan (RAT) written in the Visual Basic (.NET) programming language. Trojans of this kind enable remote access and control over compromised machines. Neptune is a highly multi-functional piece of malicious software. There have been several variants of this RAT. At the
TROX is a stealer-type malware written in several programming languages. This malicious program has been around since at least 2024. It seeks to extract sensitive information from infected systems, including credit card details and cryptowallets. It is offered as MaaS (Malware-as-a-Service) with
While browsing suspicious websites, our researchers discovered the apphonest[.]monster rogue page. It is designed to promote deceptive content and browser notification spam. This webpage can also redirect users elsewhere (likely dubious/hazardous sites). Most visitors access apphonest[.]monster an
After inspecting this "Direction Générale Des Finances Publiques" email, we determined that it is fake. This message is presented as a notification regarding the recipient's documents on the General Directorate of Public Finances, a branch of the Ministry of Economics and Finance. Typically, ema
This malware is a ransomware-type program designed to encrypt files and demand payment for the decryption. Its developers have utilized the name and graphics of Combo Cleaner and PCrisk.com in an attempt to damage our reputation and create a misleading association in users' minds between the malwa
PipeMagic is a piece of malicious software classed as a backdoor. Programs of this kind seek to open a "backdoor" into systems for further infections, and some can even carry them out (i.e., download/install additional malicious content). PipeMagic has been around since at least 2022. Originally
After inspecting this "Standard Bank - VAT Increase" email, we determined that it is fake. This phishing message alerts the recipients of changes to the VAT rates in the Republic of South Africa. The purpose of this email is to deceive recipients into disclosing their online bank account log-in cr