Our research team discovered FortyFy through a deceptive webpage, which was reached via redirect caused by a Torrenting website that uses rogue advertising networks. This browser extension supposedly prevents access to potentially harmful sites. The installer promoting FortyFy contained a variety
Fickle is a stealer-type malware written in the Rust programming language. This malicious program is designed to steal vulnerable information from devices. Fickle has bee around since at least the spring of 2024. This stealer is highly flexible and can infiltrates system in several different multi
After investigating several "Conflict With Your Company Name Or Trademark" emails, we determined that they are spam. These fake letters claim that a registration attempt has been made with the .cn domain that includes keywords associated with recipients' company names or trademarks. The purpose of
While inspecting new VirusTotal submissions, our research team discovered the Anonymous Arabs ransomware. This malicious program is based on the Chaos ransomware. It is designed to encrypt files and demand ransoms for their decryption. After we executed a sample of Anonymous Arabs on our testing
Our research team discovered FractionConsole while reviewing new file submissions to the VirusTotal website. After analyzing this application, we determined that it is advertising-supported software. This adware is part of the AdLoad malware family. Adware usually operates by displaying
The "Account Password Needs To Be Reset" email is spam. The fake letter states that the recipient's email account has been blocked and that they need to reset the password to restore access. This email promotes a phishing website disguised as a sign-in page to deceive recipients into disclosing th
After examining the "Chase - Access Restricted" email, we determined that it is fake. It claims that unusual activity was detected on the recipient's online bank account. The goal is to deceive them into disclosing their account log-in credentials to a phishing site. It must be emphasized that th
Our researchers discovered LocalInfo while browsing new submissions to the VirusTotal platform. After inspecting this app, we learned that it is adware from the AdLoad malware family. LocalInfo displays advertisements, and it may possess other harmful capabilities. Advertising-supported
CacheDivision is the name of a rogue application discovered by our researchers during a routine inspection of new file submissions to the VirusTotal site. Upon our examination, we determined that this app is adware belonging to the AdLoad malware family. CacheDivision is designed to generate rev
Our examination of the "SSL Port Server Errors" email revealed that it is spam. This mail endorses a phishing scam targeting recipients' email account log-in credentials by making false claims regarding messages failing to reach their inbox. The spam letter with the subject "Server refresh