After examining this "Quote For Delivery Price And Time" email, we learned that it is spam. This is a phishing email that targets recipients' account log-in credentials (passwords) through an RfQ (Request for Quotation) themed lure. The spam email with the subject "Request for Quotation: U
Gunra is the name of a ransomware-type program. This piece of malicious software operates by encrypting data and demanding ransoms for the decryption. On our test machine, Gunra encrypted files and appended their names with a ".ENCRT" extension. For example, an original filename such as "1.jpg" a
Our analysis of levelupconnection.co[.]in has shown that it is a deceptive website. It uses clickbait to obtain permission to send notifications. Notifications from levelupconnection.co[.]in include fake warnings and other misleading content. Users should avoid granting permission to show notifica
SuperCard X is a mobile malware targeting Android users. It is offered to cyber criminals through a Malware-as-a-Service (MaaS) model. The attackers focus on customers of banks and credit card companies, with the goal of stealing their payment card information. Victims of SuperCard X are strongly
Our research team discovered the livecubewordopiafile[.]monster rogue page during a routine inspection of suspect websites. Upon examination, we learned that this webpage endorses dubious software and browser notification spam. It also redirects users to other (likely unreliable/hazardous) sites.
Our researchers discovered the Tasjoc Tools Quato app while inspecting dubious websites. Upon analysis, we determined that this piece of software is a PUA (Potentially Unwanted Application). It is a dropper for the Legion Loader malware. It is worth mentioning that installers like the one carrying
We have inspected the website (ipfs.interface[.]social) and found that it mimics the original/official Wrapped Bitcoin (WBTC) website. The fake site offers individuals to claim WBTC rewards as a lure. Its purpose is to trick unsuspecting users into taking actions that can lead to significant finan
Our analysis of the site (allocate-strawberry[.]com) revealed it to be a fraudulent page posing as the legitimate Strawberry (usestrawberry.ai) platform. We also discovered that the site is designed to steal cryptocurrency from victims. It is strongly advisable to avoid visiting such sites and int
We have inspected the email and concluded that it is a scam. It is disguised as a letter from the HSBC bank regarding compensation for fraud victims. Scam emails like this one are usually employed to trick recipients into transferring money and (or) sending personal information to scammers. Recipi
Rans0m Resp0nse (R|R) is ransomware developed using a leaked LockBit source code. It encrypts files, appends its extension (a random string of characters, e.g., ".RSN6Lzcyg"), and creates a ransom note ("[random_string].README.txt]"). An example of how Rans0m Resp0nse (R|R) renames files: it chang