Our research team discovered an installation setup containing the Columbiformes browser extension during a routine investigation of suspect sites. This piece of malicious software targets Google Chrome and Microsoft Edge browsers. Columbiformes is capable of modifying the software and collecting b
While investigating suspicious sites, our researchers discovered an installer containing VBMarker. This Potentially Unwanted Application (PUA) likely has harmful capabilities. Software within this classification commonly uses disguises and promises of useful functionalities to lure users into dow
While scrutinizing the application, it was revealed that it cannot be trusted and should be avoided. Fulltimehighpotencyguard[.]info displays deceptive content to trick visitors into believing that their computers are infected and agreeing to receive notifications. Usually, sites like fulltimehigh
After inspecting this "LENA Token Distribution" event, we determined that it is fake. Eligible users will supposedly receive Lena NFTs (Non-Fungible Tokens). However, after a digital wallet is connected to this scheme – it starts operating as a cryptocurrency drainer. The website running "
GoStealer, crafted in the Golang programming language, operates as an information-stealing threat. Once implanted, GoStealer exhibits the ability to covertly extract sensitive data, posing a significant risk to the security and privacy of affected users and organizations. This threat should be rem
Mycommonjournal[.]com is a rogue webpage that our research team discovered during a routine inspection of suspicious sites. It is designed to promote browser notification spam and redirect visitors to other (likely dubious/malicious) websites. Most users access pages like mycommonjournal.com via
This is a scam email masquerading as a notification regarding an iCloud subscription. The scammers behind it seek to deceive recipients by falsely claiming that the renewal of their iCloud storage subscription has encountered issues, leading to the potential deletion of photos and videos. The ulti
While reviewing new submissions to the VirusTotal website, our researchers discovered Fearful.app. Upon inspection, we determined that this application is part of the Pirrit adware family. Fearful.app operates as advertising-supported software (adware). This piece of software runs intrusive adve
After examining the page, we have determined that it is a fraudulent scheme posing as a platform for finding active airdrops. The website pretends to be a legitimate Metamask (cryptocurrency wallet software) page, providing instructions for users to take specific actions to assess their eligibilit
While analyzing malware samples using VirusTotal, we detected a ransomware variant known as Avanzi, which is associated with the Dharma family. Upon successfully infiltrating a computer, Avanzi encrypts files, alters filenames, presents a ransom note, and generates an additional note in the "info.