Secplaysomware is ransomware that our team discovered while examining malware samples submitted to VirusTotal. Once infiltrated, Secplaysomware encrypts files, appends its extension (".qwerty") to filenames, and creates a text file (a ransom note named "UNLOCK_README.txt"). For instance, it rename
During a routine inspection of new file submissions to the VirusTotal platform, our researchers discovered the SourceManager app. Upon examination, we learned that this application is advertising-supported software (adware). SourceManager is part of the AdLoad malware group. Adware aims
Wrop Appq is a Potentially Unwanted Application (PUA). Our researchers discovered this app promoted by a scam page found during a routine investigation of a Torrenting website that utilizes rogue advertising networks. Unwanted applications typically possess harmful capabilities and tend to infilt
After inspecting this "You Have A New Purchase Order" email, we learned that it is spam. It is a fake notification alerting recipients of a new purchase order. With this lure, the email entices users into visiting a phishing website that targets account log-in credentials. The spam email w
SUPERLOCK is a ransomware-type virus designed to encrypt files and demand ransoms for the decryption. This program changes the names of locked files by appending them with a ".victim's_ID.superlock" extension. To elaborate, a file initially titled "1.jpg" could appear as "1.jpg.08499B3C3DB52104.su
Our examination of the email has shown that it is a scam email imitating a notification from DHL. Scammers crafted this fraudulent email to lure recipients into revealing personal information on a fake web page. Such emails are classified as phishing emails. Users should be able to recognize such
Upon examining the website (pudgypengiun[.]xyz), we discovered it to be a fraudulent platform designed to closely resemble pudgypenguins.com. This fake site is created by scammers with the intent to steal cryptocurrency from unsuspecting users. Users should always examine crypto platforms before t
After examining this "Pay Advice" email, we determined that it is spam. It is presented as a notification concerning the recipient's payroll. It must be emphasized that this fake message is not associated with any legitimate service providers. The purpose of this spam mail is to deceive recipients
Our team has examined the website (base-fastbitco[.]top) and found that it is a scam site imitating the real Coinbase page (coinbase.com). The purpose of this scam site is to steal money and potentially personal information from unsuspecting individuals. This and similar web pages should be avoide
We have reviewed this website and found that it runs a pop-up scam. On this site, a deceptive message is presented to trick visitors into taking certain actions. Users should not trust such pages and close them if encountered to avoid security and privacy risks. Engaging with such sites can lead t