MassJacker is a cryptojacking malware. The purpose of this malware is to steal cryptocurrency. It is likely distributed and utilized by multiple threat actors, suggesting that MassJacker may operate as a malware-as-a-service (MaaS). Users who suspect their computers may be infected should immediat
Squidoor is a backdoor-type malware that targets Windows and Linux OSes (Operating Systems). Programs within this classification open "backdoors" into targeted machines to prep them for further infection, and some can even download/install payload malware. Squidoor has been around since at least
During our inspection, we found that light-app[.]monster provides links leading to malicious downloads and requests permission to show notifications. This page should be avoided and not allowed to send notifications to avoid exposure to various online threats, including scams and malware.
In our analysis of swaprotocol[.]xyz, we discovered that this page uses clickbait to receive permission to show notifications. Once visited, the site displays deceptive content. Users should avoid visiting swaprotocol[.]xyz and never agree to receive notifications from such websites. Swapr
Zsszyy is ransomware our team discovered while inspecting malware samples submitted to VirusTotal. Ut is identical to other ransomware known as Tianrui, Hush, and MoneyIsTime. Zsszyy's purpose is to encrypt files. Also, it appends the victim's ID and the ".zsszyy" extension to files, and drops a r
Bee RAT is a Remote Access Trojan that allows cybercriminals to perform malicious activities on infected devices. With Bee RAT, threat actors can access and control infected devices remotely. RATs are usually employed to steal sensitive information, deploy additional payloads, or for other malicio
While browsing questionable websites, our research team discovered newsandads[.]top. This rogue page promotes browser notification spam and redirects visitors to other (likely untrustworthy/dangerous) sites. Most users access newsandads[.]top and analogous webpages via redirects caused by website
Highlevelnetwork.co[.]in is a rogue webpage discovered by our researchers during a routine investigation of suspicious sites. Upon inspection, we learned that this page endorses browser notification spam and produces redirects to other (likely unreliable/dangerous) websites. The majority of users
Moroccan Dragon is the name of a ransomware-type program. It is designed to encrypt files and demand payment for the decryption. On our testing system, Moroccan Dragon encrypted files and appended their names with a ".vico" extension. To elaborate, an original filename like "1.jpg" became "1.jpg.
After inspecting this "Payment Schedule Document" email, we determined that it is spam. This message claims that the recipient was sent a document detailing the payment schedule for the month. This email is fake, and its goal is to lure victims into visiting a phishing website that targets account