Our research team discovered an app named ProgramSource during a routine investigation of new submissions to VirusTotal. After analyzing this application, we determined that it is adware from the AdLoad malware family. ProgramSource operates by running intrusive advertisement campaigns.
After inspecting the "DNS Error" email, we determined that it is spam. It states that several messages sent by the user have failed to reach the intended recipients due to a DNS error. This mail promotes a phishing website seeking email log-in credentials by disguising it as a way to address the f
We have inspected this email and concluded that its goal is to extract personal information from unsuspecting recipients. The email described in our article masquerades as a notification from Crédit Agricole, a legitimate French international banking group. Such fraudulent emails are referred to a
Energyprotab.com is the address of a fake search engine that we discovered promoted by the Energy Pro Tab browser hijacker. This extension is endorsed as a tool that allows users to customize their browser tabs and support green energy initiatives. Instead, Energy Pro Tab makes changes to browser
We have examined the site and found that it is a scam page designed to trick visitors into believing that an unusual application has been detected in their operating system. The purpose of this scam is to lure unsuspecting users into calling the provided number. Such fraudulent schemes are known a
We found that srcingan.com is a fake search engine promoted via a browser hijacker known as Anime Nook. Usually, browser hijackers promote fake search engines by changing the settings of hijacked browsers. Users often add apps of this type unintentionally (without knowing these apps will hijack th
Upon inspecting Cyclostomatous, we concluded that it functions as adware (the app delivers annoying advertisements) and is part of the Pirrit family. In order to avoid potential issues, users should not install apps like Cyclostomatous and remove them from affected devices as soon as possible.
Our researchers found the Lobelia application while investigating new file submissions to the VirusTotal platform. Upon closer inspection, we determined that it is adware from the Pirrit family. Advertising-supported software operates by running intrusive advertisement campaigns and may possess
While inspecting new file submissions to VirusTotal, our research team found the Capibara ransomware. It operates by encrypting files to collect ransom payments. We obtained a sample of this malware and executed it on our testing system. We found that the filenames of files encrypted by this rans
After inspecting "IRS Crypto", we determined that it is a scam. It imitates the IRS (Internal Revenue Service); specifically, it is presented as a portal for handling taxes on cryptocurrency. When users connect their digital wallets to this fake website, it begins operating as a crypto drainer. E