We have inspected this email and concluded that its goal is to extract personal information from unsuspecting recipients. The email described in our article masquerades as a notification from Crédit Agricole, a legitimate French international banking group. Such fraudulent emails are referred to a
Energyprotab.com is the address of a fake search engine that we discovered promoted by the Energy Pro Tab browser hijacker. This extension is endorsed as a tool that allows users to customize their browser tabs and support green energy initiatives. Instead, Energy Pro Tab makes changes to browser
We have examined the site and found that it is a scam page designed to trick visitors into believing that an unusual application has been detected in their operating system. The purpose of this scam is to lure unsuspecting users into calling the provided number. Such fraudulent schemes are known a
We found that srcingan.com is a fake search engine promoted via a browser hijacker known as Anime Nook. Usually, browser hijackers promote fake search engines by changing the settings of hijacked browsers. Users often add apps of this type unintentionally (without knowing these apps will hijack th
Upon inspecting Cyclostomatous, we concluded that it functions as adware (the app delivers annoying advertisements) and is part of the Pirrit family. In order to avoid potential issues, users should not install apps like Cyclostomatous and remove them from affected devices as soon as possible.
Our researchers found the Lobelia application while investigating new file submissions to the VirusTotal platform. Upon closer inspection, we determined that it is adware from the Pirrit family. Advertising-supported software operates by running intrusive advertisement campaigns and may possess
While inspecting new file submissions to VirusTotal, our research team found the Capibara ransomware. It operates by encrypting files to collect ransom payments. We obtained a sample of this malware and executed it on our testing system. We found that the filenames of files encrypted by this rans
After inspecting "IRS Crypto", we determined that it is a scam. It imitates the IRS (Internal Revenue Service); specifically, it is presented as a portal for handling taxes on cryptocurrency. When users connect their digital wallets to this fake website, it begins operating as a crypto drainer. E
This app named "World Wide Web" is a PUA (Potentially Unwanted Application). Software within this classification typically possesses undesirable and even harmful functionalities. The installer we discovered promoting the World Wide Web application included other suspicious software. It is notewor
Laxsearch.com is the address of a fake search engine endorsed by the Lax Search browser hijacker. It makes modifications to browser settings in order to generate redirects to the laxsearch.com site. It is likely that Lax Search also spies on users' browsing activity. Lax Search makes alter