LockBit 4.0 is a new variant of the LockBit ransomware. This version was released in February 2024, the same month law enforcement agencies arrested two LockBit operators. Five days following the breach, the threat actors released a statement regarding restructuring and intentions to continue oper
In the course of our inspection of malware samples on VirusTotal, we came across a ransomware variant dubbed Frea. As a rule, malware of this type encrypts files and demands payment for decryption. In addition to encrypting files, Frea appends its extension to filenames (".frea"), provides a ranso
During our examination of the updates-mac[.]com page, we noted its practice of displaying deceptive content to persuade visitors to grant permission for notifications. Such websites, including updates-mac[.]com, should not be trusted, as their notifications may direct users to potentially harmful
During our examination of the Words Finder browser extension, we discovered that it compels users to visit wordsfinder.xyz by altering the settings of their web browser. This action constitutes browser hijacking. It is advisable for users to remove applications like Words Finder from hijacked brow
In our examination of the TechLookupTool application, we determined its primary function is to present users with assorted advertisements, categorizing it as adware. Apps like TechLookupTool are notorious for displaying deceptive ads and potentially gathering diverse user data. Consequently, it
Our research team found the ProgramIndexer app while reviewing file submissions to the VirusTotal website. After inspecting this application, we determined that it is advertising-supported software (adware) from the AdLoad malware family. Adware generates revenue for its developers throu
Wallpapers - New Tab is a rogue browser extension discovered by our researchers during a routine investigation of questionable websites. This software promises to display browser wallpaper. However, upon inspection, we learned that Wallpapers - New Tab modifies browser settings to promote the khe
Upon examination, we determined that the "Confirm Hotel Bank Account" email is malspam. This letter requests the recipient to review the attached receipt to confirm that the correct bank account is indicated in the payment. However, the attachment is intended to infect devices with the XLoader mal
Upon reviewing the email, we have identified it as a fraudulent message generated by cybercriminals impersonating hotel administration or a similar entity. The intent behind this email is to deceive recipients into unwittingly installing and activating malware on their devices. Therefore, recipien
After inspecting the "Operating System Was Compromised Under My Direction" email, we determined that it is spam. This fake letter promotes a sextortion scam. The goal is to trick recipients into paying a ransom to prevent a hacker from leaking compromising footage and other personal data. It must