Our discovery of Aptlock occurred while analyzing malware samples submitted to VirusTotal. Aptlock is ransomware that encrypts files, appends the ".aptlock" extension to files, changes the victim's wallpaper, and provides a ransom note ("read_me_to_access.txt" file). An example of how files encry
G700 is a Remote Access Trojan (RAT) with versions written in Java and C# programming languages. This Android-targeting malware is an advanced variant of the CraxsRAT. G700 is a multi-functional program with extensive data-stealing, spying, and financial-theft related abilities. G700 is a
We have inspected the email and concluded that it is a phishing attempt. The email is disguised as a notification regarding a new sign-in to an email account. It is created to lure unsuspecting recipients into opening the included link (website) and entering personal information. Recipients should
We have inspected GlobalHelper and found it to be an advertising-supported application (adware). Usually, software of this type delivers annoying advertisements. Clicking them can take users to unreliable pages, especially when delivered by apps like GlobalHelper that are distributed using dubio
Our analysis of oxylersess.co[.]in shows that it employs clickbait to obtain permission to display notifications. Once permission is granted, the site can display deceptive notifications that redirect users to unsafe websites. Thus, it is recommended to avoid oxylersess.co[.]in (and never allow si
During a routine inspection of new file submissions to the VirusTotal platform, our researchers discovered the ActiveNavigation app. Our examination of this software revealed that it is adware from the AdLoad malware family. ActiveNavigation is designed to generate revenue for its developers/pu
After examining this "$DOGE Airdrop", we determined that it is fake. Supposedly, eligible users can receive up to 25,000 Dogecoins (DOGE) from this airdrop. However, not only will victims of this scam not receive any cryptocurrency, but they will also expose their cryptowallets to a drainer design
"Document Shared Securely" is a spam email. It alerts the recipient of a supposed "secure document" sent to them. The purpose of this campaign is to endorse a phishing webpage that targets account log-in credentials. Despite how legitimate this "Document Shared Securely" email may appear, it is no
After analyzing the email, we've determined it to be a fraudulent notification purportedly from HSBC bank. This email is a phishing attempt designed by scammers to trick recipients into providing personal information via a fake form. Such emails should be ignored to avert potential risks.
FunkLocker, also known as FunkSec, is a ransomware-type program. It operates by encrypting files and demanding ransoms for the decryption. After we executed a sample of FunkLocker (FunkSec) ransomware on our test machine, it encrypted files and appended their names with a ".funksec" extension. To