Tria Stealer is malware that targets Android users. It targets personal information and transmits it to the attackers through various Telegram bots using the Telegram API. Cybercriminals can use Tria Stealer for various malicious purposes. If detected on a device, the stealer should be eliminated
TheAnonymousGlobal is a ransomware-type program. It operates by encrypting data in order to demand payment for its decryption. On our testing system, this ransomware encrypted files and added a ".TheAnonymousGlobal" extension to their titles. To elaborate, a file initially named "1.jpg" appeared
Our researchers discovered PelDox ransomware while browsing new file submissions to the VirusTotal website. Malicious software within this classification is designed to encrypt files and demand payment for the decryption. After we launched a sample of PelDox on our test machine, it encrypted file
Our researchers discovered the speedupdevice.co[.]in rogue page during a routine inspection of untrustworthy sites. It operates by endorsing browser notification spam and producing redirects to different (likely dubious/dangerous) websites. The majority of visitors enter speedupdevice.co[.]in and
Upon reviewing Tao Raiqsuv Utils, we found that it has no clear function and has been flagged as malicious by several security vendors. Furthermore, some of its components are designed to deploy Legion Loader, a malware that injects other payloads. As a result, it is highly advisable to avoid Tao
While reviewing new file submissions to the VirusTotal platform, our research team discovered the DevFrame application. Upon examination, we learned that this app operates as adware. DevFrame belongs to the AdLoad malware family. Adware stands for advertising-supported software. Its purp
Crocodilus is a trojan targeting Android operating systems. This malware seeks to steal log-in credentials, finance-related data, and cryptocurrency wallets. It has RAT (Remote Access Trojan) capabilities and can perform overlay attacks. There is evidence suggesting that the threat actors begin C
Our team has inspected the MasterSpin application and found that it generates intrusive advertisements. It acts as adware and has been flagged as malicious by several security vendors. As a result, the ads it displays may lead to harmful content, and users are advised to avoid installing the app
We have inspected the site (elixir.finance-web3[.]com) and concluded that it is a copy of the original Fake Elixir page, elixir.xyz. This fake web page is designed to steal cryptocurrency from unsuspecting individuals. Therefore, it is strongly advisable not to interact with this and similar sites
Our team has inspected the email and found that this is a phishing email disguised as a notification regarding an unusual sign-in from unauthorized geolocation. It leads to a phishing website designed to pilfer sensitive information from recipients. Such emails should be ignored to avoid potential