After inspecting the "Capital One - Unrecognized Transaction Claim" email, we determined that it is fake. This spam letter states that the investigation concerning a suspicious credit card transaction has been completed. The goal is to lure recipients into disclosing their account log-in credenti
Anonymous France is ransomware that our team discovered while examining samples uploaded to VirusTotal. We found that it encrypts files, changes their filenames, changes the desktop wallpaper, and drops ten identical ransom notes (text files from "README1.txt" to "README10.txt"). Anonymous France
In our examination of kumpoaphy[.]com, we found that this site presents deceptive content and aims to receive permission to send notifications. As a rule, sites like kumpoaphy[.]com display misleading notifications to promote questionable (potentially malicious) websites. Thus, kumpoaphy[.]com and
Our analysis of crystalcraft[.]top has shown that this web page employs clickbait to receive permission to deliver notifications. Sites of this type cannot be trusted, as they can show fake warnings and other notifications designed to promote shady websites. Overall, crystalcraft[.]top should be a
Seidr is a stealer-type malware written in the C++ programming language. This malicious program is designed to steal data from infected devices. Seidr targets a variety of sensitive information, including saved log-in credentials and cryptocurrency wallets. Additionally, Seidr can function as a ke
AwSpy is the name of a malicious program targeting Android operating systems. It is classed as spyware; software within this class is designed to stealthily record and exfiltrate content from devices. AwSpy has been observed targeting users in South Korea. AwSpy has been noted infiltrating
While browsing submissions to the VirusTotal site, our researchers discovered Ztax ransomware. This malicious program is part of the Dharma ransomware family. On our test machine, Ztax encrypted files and altered their filenames. Original titles were appended with a unique ID assigned to the vict
Our researchers discovered the karakorampeak[.]top rogue page while investigating dubious websites. Upon inspection, we learned that this webpage promotes spam browser notifications and causes redirects to other (likely unreliable/hazardous) websites. The majority of visitors to karakorampeak[.]t
Our researchers discovered NK – a ransomware-type program based on Chaos – while reviewing file submissions to the VirusTotal platform. Ransomware is designed to encrypt files and demand ransoms for the decryption. After we launched a sample of NK on our testing machine, it encrypted files and ap
SwiftSeek is a browser hijacker. Our researchers found this extension in an installer promoted by a deceptive page, which was discovered during a routine investigation of suspicious websites. Browser hijackers operate by making changes to browser settings to endorse (via redirects) fake search en