We discovered Pwn3d while analyzing samples submitted to the VirusTotal platform. During the inspection, we found that Pwn3d is ransomware that encrypts and renames files and creates a text file ("README.txt") containing a ransom note. Pwn3d appends a string of random characters and the ".pwn3d" e
During our inspection of ProductiveRecognition, we noticed that the app delivers intrusive advertisements. This finding has led us to classify ProductiveRecognition as adware. It is common for software of this type to be advertised as legitimate and useful to trick users into installing it on th
During our review of Applvl, we found that the application is hosted on a suspicious website and does not have any clear functionality. Moreover, Applvl is bundled with other questionable programs. To avoid potential security and privacy risks, users should not trust and install Applvl. Si
After investigating this "Drop Coin" airdrop, we determined that it is fake. The scam claims to be a giveaway for DropCoin (DROP). However, when users connect their digital wallets to the scheme, they are exposed to a cryptocurrency drainer. Victims of scams like this fake airdrop experience finan
After reading the "EUROMILLONES LOTERIA INTERNATIONAL" email, we determined that it is spam. The letter claims that the recipient has won the Euromillones lottery. Typically, scam mail of this kind targets sensitive information or funds directly. It must be stressed that the information in this e
Copybara is the name of an Android-type malware that operates as a RAT (Remote Access Trojan), spyware, and information stealer. This malicious program was first discovered in the autumn of 2021, and the latest variant emerged in November 2023. Copybara infiltrates systems under the guise of vari
NGate is an Android-specific malware. The goal of this software is to enable cyber criminals to make ATM withdrawals from victims' bank accounts. However, the technique used by NGate to facilitate this activity could be used for other malicious purposes. At the time of writing, this malware was u
Our researchers discovered Razrusheniye ransomware while investigating new submissions to the VirusTotal platform. Malicious programs within this category operate by encrypting data and demanding payment for the decryption. After we executed a sample of Razrusheniye on our test machine, it encryp
HZ RAT is a backdoor malware targeting macOS users (more precisely, users of DingTalk and WeChat versions for macOS). It is important to note that there is also a Windows version of HZ RAT malware. In order to avoid potential risks, victims should remove the malware from infected computers as so
Bull Checker is a malicious browser extension that operates as a cryptocurrency stealer. It modifies digital asset transactions to reroute them into wallets in the cyber criminals' possession. At the time of research, Bull Checker targeted Solana cryptocurrency (SOL). Upon installation, th