We discovered a malicious program called Repair while browsing new file submissions to the VirusTotal website. This software is part of the MedusaLocker ransomware family. Repair operates as data-encrypting ransomware. On our testing system, the program encrypted files and appended their filename
"Connect Collab Land" is a scam that imitates the Collab.Land platform. The scheme targets victims' digital assets by utilizing a cryptocurrency drainer. Exposing a cryptowallet to this scam can result in the theft of all the funds stored therein. This scam impersonates the Collab.Land dec
Upon inspection, we determined that the "Nibiru Chain Engagement Airdrop" is fake. This scam impersonates the Nibiru blockchain network (nibiru.fi). It entices users into exposing their digital wallets to a cryptocurrency drainer by promising rewards for their engagement. This scheme is di
Our research team discovered DumbStackz while investigating new submissions to the VirusTotal site. This malicious program is based on the Chaos ransomware. DumbStackz is designed to encrypt files and demand payment for the decryption. On our testing system, this ransomware encrypted files and ad
In our examination of the site, we discovered that it promotes the opportunity for individuals to obtain free cryptocurrency ($TOSHI). However, this scheme is among many designed to steal cryptocurrency from victims. Users are strongly recommended to disregard such pages to prevent financial loss
Our research team discovered a fake Google extension – "Save to Google Drive" – while investigating a Torrenting site that uses rogue advertising networks. This extension has data-tracking abilities and can make various modifications to browser settings. It must be emphasized that this "Save to G
Upon investigating the site, we found it to be a fraudulent website posing as the official ton[.]org page. Scammers have crafted this deceptive webpage with the intention of swindling cryptocurrency from unsuspecting users. Their goal is to deceive users into taking actions that lead to the theft
Through our analysis of the Senator malware, we determined that it is ransomware employed by cybercriminals to coerce victims to pay a ransom. We discovered Senator ransomware while examining malware samples on VirusTotal. In addition to encrypting files, Senator modifies filenames and drops a ran
After reviewing the "HSBC Transfer Request" email, we determined that it is fake. The spam letter is presented as a banking transfer request from HSBC; this lure is used to deceive recipients into disclosing their email log-in credentials to a phishing website. It must be stressed that this mail
In the course of our inspection of malware samples submitted to VirusTotal, we came across a ransomware variant dubbed Lethal Lock. This ransomware encrypts files and appends its extension to filenames (".LethalLock"). Also, Lethal Lock generates a ransom note ("SOLUTION_NOTE.txt") and changes the