Our discovery of Termite occurred while examining malware samples submitted to VirusTotal. We found that Termite is ransomware belonging to the Babuk family. Once the system is infected with Termite, the malware encrypts files, appends the ".termite" extension to filenames, and creates a ransom no
We have examined the email and concluded that it is a scam. Scammers created this fraudulent email to steal personal information from recipients. They disguised the email as a letter regarding a special holiday gift (a purchase discount). Recipients should ignore this email to avoid privacy risks.
Upon inspection, we determined that the "Your Office Account Storage Is Nearly Full" email is spam. It claims that the recipient's email account is close to reaching its storage limit. Thus, when users attempt to increase the storage – they are tricked into disclosing their email log-in credential
Our researchers discovered surgesignal[.]top rogue page while investigating dubious websites. After examining this webpage, we learned that it promotes browser notification spam and redirects users to other (likely unreliable/dangerous) sites. The majority of visitors to surgesignal[.]top and sim
We have inspected this email and discovered that it is designed to trick recipients into believing they have received a notification from an email service provider regarding a "space for the office account". Scammers behind this scheme seek to extract personal information from unsuspecting recipie
Equalizer for Chrome browser is an extension promoted as an audio modifying and improving tool. It is classed as advertising-supported software (adware). It has been reported that Equalizer for Chrome browser produces ransom redirects to deceptive and possibly malicious websites. Adware is
During our investigation of the page (enter-shirocoin[.]com), we determined that it is a fraudulent site designed to imitate shirocoin.io. Created by scammers, its purpose is to steal cryptocurrency from unsuspecting users. Individuals should avoid interacting with the site to protect their assets
Our inspection of the "Re-Activate Your Mailbox Address" email revealed that it is spam. This message states that the recipient must reactivate and verify their account to prevent deactivation. Users deceived into attempting to fix this fake issue are lured into entering their email log-in credent
DroidBot is a Remote Access Trojan (RAT) targeting Android users. It can monitor user interface, log keystrokes, and perform hidden VNC and overlay attacks. It employs dual-channel communication, sending data via MQTT and receiving commands over HTTPS for improved flexibility and resilience.
After examining the "Procedure To Update And Keep Your Email Password" message, we determined that it is spam. It claims that the recipient's account password will expire soon and must be updated. The goal of this spam mail is to lure users into visiting a phishing website that targets email log-i