After examining this "Bittrex Inc Bankruptcy Notice" email, we determined that it is spam. This fake message states that account holders with the Bittrex cryptocurrency exchange can reclaim their holdings, and the recipient can now transfer over four thousand USD of their digital assets. The scam
Anarchy is a malicious program designed to encrypt data and demand payment for the decryption. Due to this behavior, Anarchy is classified as ransomware. On our testing system, this malware encrypted files and appended their filenames with an "_anarchy" extension. For example, a file initially na
SlowStepper is a backdoor-type malware. Programs within this classification are intended to open a "backdoor" into systems for further infections and, in some cases – even carry them out. SlowStepper was developed at least as early as 2019. It is a sophisticated backdoor that relies on multiple m
BackConnect (BC) is malware that establishes a connection between the infected device and a command-and-control (C&C) server controlled by the attacker. The malware has been linked to the QakBot loader and has been found on the same infrastructure that was used to distribute the ZLoader malwar
Search.withaiforchrome.com is a fake search engine discovered by our researchers while analyzing the ChatGPT Search for Chrome™ browser hijacker. This extension is advertised as a tool that provides a search option with an integrated ChatGPT generative artificial intelligence chatbot. The inclusi
We have inspected the email and concluded that it is a phishing email. It is disguised as a letter regarding a request for a quotation plan and contains a link to a phishing website. The goal of the scammers behind this deceptive email is to trick recipients into disclosing personal information.
Our analysis of the site showed that its purpose is to promote a scam ("McAfee Total Protection has expired") and obtain permission to send notifications. Users should not visit baselanding[.]site and never agree to receive notifications from such pages. Doing so can lead to scams and other online
Upon inspection, our researchers determined that the "Sign-in Attempt Was Blocked" email is spam. This fake message alerts the recipient of a blocked sign-in attempt to their account. The goal is to lure recipients into visiting a phishing website that targets email account log-in credentials.
Disoaq App is a PUA (Potentially Unwanted Application) discovered by our researchers while analyzing a rogue installer. Software within this classification usually has undesirable and hazardous capabilities. Upon investigation, we learned that Disoaq App operates as a dropper for the Legion Loade
Our team has analysed the email and learned that it is written by scammers. It is presented as a message from Capital One regarding an unusual spending. Capital One is a legitimate financial institution in the United States and it has nothing to do with this scam. Recipients of such emails should