Strike is ransomware belonging to the MedusaLocker family. We discovered it while inspecting samples uploaded to VirusTotal. Upon execution, Strike encrypts files and appends the ".strike7" extension (the number in the extension may vary). For instance, it renames "1.jpg" to "1.jpg.strike7", "2.pn
We have reviewed foricarm[.]com and concluded that the site is designed to trick visitors into accepting its notifications. It uses clickbait to obtain permission to send those notifications. Usually, websites like foricarm[.]com bombard users with annoying and unwanted ads, fake warnings, and sim
Our analysis has revealed that this is a scam email (a phishing attempt) disguised as a "reminder" from the HR department. It includes a link that leads to a fake website. The scammers behind this fraudulent email seek to lure recipients into revealing personal information on the provided site.
ZeroDayRAT is a remote access trojan (RAT) sold through Telegram channels. The RAT alows cybercriminals to control infected devices remotely. It targets various versions of both Android and iOS systems. ZeroDayRAT supports activities such as live monitoring, data extraction, and financial exploita
We have reviewed the email and found it to be a phishing attempt posing as an urgent notice from the email service provider. The message is designed to look urgent and important to deceive recipients into opening a fraudulent site and disclosing personal information. Recipients should not respond
After analysing the email, we determined that it is a phishing attempt disguised as a notification regarding an email account closure. This fraudulent message is crafted to appear urgent and important in order to trick recipients into entering personal information on a fake website. This email sho
Phexia is a type of malware that targets macOS devices. It can steal sensitive information from infected systems. The malware also includes a backdoor that gives attackers remote access. Usually, malware like Phexia is used to harvest various details that can be misused for malicious purposes an
Our inspection has revealed that it is a phishing email designed to look like an important notification from the email service provider. It includes a link to a fake website designed to steal personal details. Victims of this scam can lose access to their email and possibly other accounts.
We have examined the website (claim-liquid.pages[.]dev) and found that it is designed to steal cryptocurrency from victims and promotes a fake airdrop (giveaway) as a lure. Moreover, the site mimics the original MemeLiquid site (memeliquid.io) to appear legitimate. Users should avoid the fake webs
While inspecting malware samples uploaded to VirusTotal, we discovered BuP1w, a ransomware that encrypts data and appends the ".BuP!w3" extension to files. For instance, it renames "1.jpg" to "1.jpg.BuP!w3", "2.png" to "2.png.BuP!w3", "3.exe" to "3.exe.BuP!w3", etc. This ransomware also changes th