Step-by-Step Malware Removal Instructions

Invoice Request Email Scam
Phishing/Scam

Upon reading the "Invoice Request" email, we learned that it is spam. This letter supposedly includes a contract renewal document attached to it. The attachment imitates a PDF document, and it operates as a phishing file that targets log-in credentials. The spam email with the subject "Re:

DYDX NFT Airdrop Scam
Phishing/Scam

After inspecting this "DYDX NFT Airdrop", we determined that it is fake. This scam impersonates the dYdX decentralized exchange (dydx.exchange). The scheme runs an airdrop, and when users attempt to participate, they expose their cryptocurrency wallets to a crypto drainer. IMPORTANT NOTE: W

SHINRA Ransomware
Ransomware

During a routine investigation of new submissions to VirusTotal, our research team discovered the SHINRA malicious program. It is a variant of the Proton ransomware. SHINRA is designed to encrypt data and demand ransoms for its decryption. On our testing system, this ransomware encrypted files an

Elon Musk Crypto Giveaway Scam
Phishing/Scam

Upon examining the page, we found that it hosts a fake cryptocurrency giveaway. The scammers behind this bogus giveaway aim to trick unsuspecting individuals into believing that by participating, they can receive Bitcoin and Ethereum cryptocurrency. However, victims of such scams lose their crypto

Ghostly Stealer
Trojan

Discovered by Yogesh Londhe, Ghostly is a piece of malicious software classified as a stealer. As the classification implies, this malware extracts and exfiltrates vulnerable information from infected machines. Targeted data and how it is abused depend on the stealer's design and the attackers' m

Switch To New Server Email Scam
Phishing/Scam

We have examined the email and learned that it is a phishing email disguised as a letter from an email service provider. Scammers crafted this email to extract personal information from unsuspecting recipients. Whoever receives this or a similar email should ignore it to avoid potential harm.

X-finder.pro (xfinder.pro) Redirect
Browser Hijacker

X-finder.pro (another variation - xfinder.pro) is the address of a fake search engine promoted by the "X-Finder. Search" browser hijacker. This extension modifies browser settings to generate redirects that can land on different sites. X-Finder. Search has been observed being proliferated by the C

Dracula Stealer
Trojan

Discovered by @g0njxa, Dracula is a type of malware designed to infiltrate computers and steal sensitive information. Typically, threat actors use such malware to steal data that can be exploited for various malicious purposes, including identity theft and financial fraud. Victims should immediate

MoaNesiotis Malicious Extension
Adware

We have inspected the MoaNesiotis browser extension and discovered that it can enable the "Managed by your organization" feature, read various information, and manage certain components within affected browsers. Also, MoaNesiotis is distributed using unreliable sites. Thus, users should avoid addi

Shadow (Ran_jr_som) Ransomware
Ransomware

Shadow (Ran_jr_som) is a ransomware variant we discovered while analyzing malware samples submitted to VirusTotal. Upon infiltration, Shadow encrypts data and appends the ".Shadow" extension to filenames (sometimes it appends this extension twice). Additionally, this ransomware creates a ransom no