During our inspection of the email, we found it to be a phishing attempt. The purpose of this email is to trick the recipient into believing they have received a letter regarding a purchase order and providing personal information. Recipients should ignore this email (not provide any requested det
Mandrake is a spyware targeting Android devices. Malicious software within this classification is designed to steal and record victims' information. One of the primary goals of Mandrake is to acquire log-in credentials. This malware has been around since at least 2016. Multiple variants of Mandra
Our analysis of the Funny Tool Redirect extension has shown that it is designed to redirect users to google.com in a specific circumstance. We also found that Funny Tool Redirect is distributed via malicious installers. Therefore, users should avoid adding Funny Tool Redirect to browsers and remov
Cronus is malware that operates as ransomware. We discovered it while examining samples uploaded to VirusTotal. During our inspection, Cronus encrypted files and replaced their extensions with five random characters. It also changed the desktop wallpaper and provided a ransom note ("cronus.txt").
After inspecting the "Messages Have Been Temporarily Held" email, we determined that it is spam. This phishing letter claims multiple messages were withheld from reaching the recipient's inbox. The spam mail lures victims into disclosing their email account log-in credentials under the guise of a
BadPack is an APK file that has been intentionally crafted to be malicious. Usually, this involves a threat actor modifying the header information in the APK file's compressed format. A couple of examples of Android malware that uses BadPack are BianLian, Cerberus, and TeaBot. APK files ar
Our analysis of the email has shown that it is a phishing email disguised as a letter regarding a purchase order. Typically, phishing emails are utilized for the purpose of extracting personal information from recipients. Recipients should ignore this and similar emails to avoid possible consequen
We have inspected this email and concluded that it is a phishing attempt masquerading as a notification regarding the suspension of the recipient's MetaMask wallet. This scam email is created by scammers with the intention of extracting personal information from recipients. Whoever receives this e
Our research team found AssistField while browsing new file submissions to the VirusTotal website. After analyzing this application, we determined that it is advertising-supported software. This adware belongs to the AdLoad malware family. AssistField is designed to feed users with unwanted and
After investigating this "Wells Fargo - Unusual Account Activity" email, we determined that it is fake. The spam email claims the recipient's online bank account has been temporarily suspended due to suspicious activity. This lure tricks recipients into disclosing their account log-in credentials