Vect is ransomware that we have discovered while inspecting malware samples uploaded to VirusTotal. Once a system is infected, this ransomware encrypts and renames files, changes the desktop wallpaper, and drops a ransom note ("!!!_READ_ME_!!!.txt"). An example of how it renames files: it changes
Our assessment indicates that huverify.co[.]in is set up to manipulate visitors into enabling notifications. Once permission is given, it can push deceptive alerts, fraudulent promotions, and other questionable content intended to drive traffic to unreliable websites. Users are advised not to trus
Our analysis shows that cholablelogne[.]com is designed to trick users into accepting its notifications. If permission is granted, it may send misleading alerts, fake offers, and other unreliable contend used to promote shady websites. Users should avoid visiting cholablelogne[.]com and never allo
SnappyClient is malware delivered through HijackLoader. It is written in C++ and used by cybercriminals to remotely control infected devices (as a remote administration Trojan) and steal data. Once a system is infected, SnappyClient can communicate with a C2 server to receive instructions.
Torg is an information-stealing malware that grabs data from infected devices. It sends stolen information to attackers using an API system. Torg is sold as part of a malware-as-a-service (MaaS) operation. If Torg is detected on a system, it should be removed as soon as possible. Torg targ
Miolab (also known as Nova) is an information stealer targeting macOS users. It is sold to cybercriminals via hacker forums using the Malware-as-a-Service (MaaS) model. Miolab can steal information from cryptocurrency wallet extensions, web browsers, and various managers, and can grab files from
Bear is ransomware from the MedusaLocker family. We have discovered it while examining malware samples uploaded to VirusTotal. When executed, Bear encrypts files and appends its extension. It also changes the desktop wallpaper and creates the "READ_NOTE.html" file, a ransom note. Bear appends the
Our findings indicate that orbitboostlabs[.]com is a site designed to deceive visitors into enabling notifications. If allowed, it can send fraudulent alerts and deceptive offers that promote unreliable websites. Users should avoid visiting orbitboostlabs[.]com and never allow websites of this kin
Our analysis has revealed that metachainedge[.]com is one of the numerous websites designed to trick visitors into agreeing to receive notifications. If this page gets this permission, it can send fake alerts, offers, and other misleading content used to promote untrustworthy websites. It is highl
We have reviewed the email and found it to be a fake notification from an email service provider regarding an "email quota". The scammers behind this email seek to trick recipients into believing they must take quick action. Their goal is to steal personal information via a fake website. Recipient