Risen is a ransomware variant that our team discovered during an analysis of samples uploaded to the VirusTotal platform. We learned that Risen encrypts (and renames) files, creates two ransom notes ("$Risen_Note.txt" and "$Risen_Guide.hta", changes the desktop wallpaper, and presents a message on
GuardZoo is a malware based on the Dendroid RAT (Remote Access Trojan) that was leaked in 2014. GuardZoo has been widely used to conduct surveillance and espionage operations. Among the malware's capabilities are device location tracking and file stealing features. GuardZoo is involved in a campa
SMS Stealer targeting Android users is malicious software designed to secretly access and extract text messages from a victim's device. This threat can compromise personal information without the user's knowledge. Thus, Android users should be careful and employ security measures to avoid this mal
OneStart is a browser based on the Chromium open-source project. It is promoted as an AI (Artificial Intelligence) assisted browser that provides easy access to various tools and services. OneStart also creates a desktop toolbar. This browser may infiltrate systems by being bundled with other app
While inspecting BasicApplication, we found that it generates annoying advertisements. Thus, we classified BasicApplication as adware. Typically, software of this type is distributed using questionable methods and promoted as some useful tool. Thus, users often install it without knowing it will
After examining the "Official Notification: Performance Evaluation Access" email, we determined that it is spam. Presented as a workplace performance evaluation report, this scam letter aims to trick recipients into visiting a phishing site that targets email account log-in credentials. Th
We have analyzed this email and uncovered that it is a scam email designed to trick recipients into disclosing personal information. Emails of this type are classified as phishing emails. In this particular case, scammers use a fraudulent attachment to extract information. Recipients should ignore
After reading the "Irrevocable Payment Order" email, we determined that it is spam. This fake letter claims that funds were withheld from the recipient due to banker corruption. Following an investigation, it was decided to immediately release the exorbitant amount of money to the recipient once t
Our team has inspected this email and concluded that it is a fake notification regarding files that supposedly were received via Google Drive. The purpose of this email is to extract personal information from recipients. Such emails are known as phishing emails, and they should be ignored.
We have examined NetUpdate and discovered that this application operates as adware. Upon installation, it serves annoying advertisements. Usually, apps of this type are promoted and distributed using deceptive methods to trick users into downloading and installing them. NetUpdate can dis