While inspecting file submissions to the VirusTotal site, our researchers discovered the Core ransomware. It is part of the Makop ransomware family. Malicious programs within this classification are designed to encrypt data and demand ransoms for the decryption. After we executed a sample of the
Search.trktacular.com is a fake search engine. It cannot provide search results and produces various redirects. Typically, websites of this kind are endorsed by browser hijackers. Search.trktacular.com has been observed being promoted by multiple hijacker-type browser extensions. It is noteworthy
We have inspected chainintegration.co[.]in and found that its purpose is to obtain permission to show notifications. However, the site uses clickbait, a deceptive method, to get this permission. Moreover, allowing chainintegration.co[.]in to send notifications can expose users to scams and other t
After reading this "PROTON LOTTERY" email, we determined that it is spam. The fake message claims that the recipient has won over three hundred thousand USD in a lottery. It must be emphasized that this information is false, and this mail is not associated with any legitimate entities. It is a ph
Our examination of the email has revealed that it is a phishing email designed to steal login credentials from unsuspecting recipients. Scammers disguised their message as a notification from Microsoft to lure recipients. Emails of this type should be ignored to avoid potential consequences.
Our analysis indicates that TechBoost functions as adware: the app bombards users with intrusive advertisements that may expose them to scams and other online threats. Furthermore, multiple security vendors have classified TechBoost as malicious. Therefore, users should refrain from installing t
While browsing suspicious sites, our researchers discovered the "DebugDappNode Wallet Connection" scam. The deceptive page (swiftlivechain.pages[.]dev; potentially other domains) claims to be able to rectify various cryptocurrency wallet issues. Instead, the scam operates as a drainer – by stealin
Tiny FUD is a Trojan that targets macOS users. The term FUD (Fully Undetectable) implies that the malware is built to avoid detection by antivirus and other security tools. It tricks security software by changing process names, using DYLD injection, and running commands from a command-and-contro
Networkcycle.co[.]in is the address of a rogue webpage designed to promote browser notification spam and generate redirects to different (likely dubious/hazardous) sites. Most visitors access pages of this kind through redirects produced by websites that utilize rogue advertising networks. Our re
Suaiqi App is a PUA (Potentially Unwanted Application) discovered by our researchers in an installer promoted by a rogue website. This setup also included the fake "Save to Google Drive" browser extension. Upon investigation, we determined that Suaiqi App acts as a dropper for the Legion Loader ma