While inspecting new malware submissions to the VirusTotal platform, we discovered the Allarich ransomware. Malicious software within this classification is designed to encrypt files and demand payment for the decryption. After we launched a sample of Allarich on our test system, it encrypted fil
After inspecting the "Webmail - Mail Basic" email, we determined that it is spam. This fake message claims that the email security server was updated and a new mailbox was set up. The recipient can configure and begin using the nonexistent account by following the linked website, which is a phishi
While browsing file submissions to the VirusTotal site, our researchers discovered the Capmaking.app adware. Upon a closer inspection, we learned that it is part of the Pirrit adware family. Advertising-supported software is designed to generate revenue for its developers/publishers through adve
Our examination of the "Adobe Contract Agreement" email revealed that it is spam. This deceptive mail lures recipients into visiting a phishing website that targets email account log-in credentials by baiting them with a nonexistent contract document. Victims of this scam letter risk having their
Hawk Eye is a ransomware based on Chaos that our researchers discovered during a routine inspection of file submissions to the VirusTotal site. Ransomware operates by encrypting data in order to make ransom demands for its decryption. On our testing system, Hawk Eye encrypted files and appended t
After inspecting the "Adobe Cloud Service" email, we determined that it is spam. The phishing letter falsely claims that the recipient was sent a business contract related document. By attempting to view the bogus file, recipients are lured into disclosing their email log-in credentials – thus exp
Our research team discovered the AttackNew ransomware during a routine investigation of file submissions to the VirusTotal platform. This malware belongs to the MedusaLocker ransomware family. We obtained a sample of AttackNew and executed it on our test machine. The ransomware encrypted files an
After reading the "MailBox De-activation" email, we determined that it is spam. This phishing message claims to be running a "spam verification survey" with the goal of deceiving recipients into disclosing their email account log-in credentials. The spam email with the subject "Mailbox Ter
Our research team discovered Griffin ransomware while checking out new submissions to the VirusTotal platform. Malicious software within this classification is designed to encrypt data and demand payment for the decryption. On our testing system, Griffin encrypted files and modified their names.
After inspecting this "VATTENFALL AB" email, we determined that it is fake. This spam letter is presented as an invitation to bid on a project. It must be emphasized that all the information provided by this email is false, and this mail is in no way associated with Vattenfall – the multinational