During our analysis of malware samples on the VirusTotal page, we encountered xDec, a ransomware variant associated with the Phobos family. This malware encrypts files, modifies their filenames, and presents two ransom notes titled "info.txt" and "info.hta". Furthermore, xDec ransomware appends th
"Trust Wallet Connect" is a scam that imitates the official Trust Wallet website. It operates as a phishing page and targets cryptowallet log-in credentials by claiming bogus connection issues. Webpages running this scam are presented as the Trust Wallet site (trustwallet.com). The scheme
We discovered a malicious program called Repair while browsing new file submissions to the VirusTotal website. This software is part of the MedusaLocker ransomware family. Repair operates as data-encrypting ransomware. On our testing system, the program encrypted files and appended their filename
"Connect Collab Land" is a scam that imitates the Collab.Land platform. The scheme targets victims' digital assets by utilizing a cryptocurrency drainer. Exposing a cryptowallet to this scam can result in the theft of all the funds stored therein. This scam impersonates the Collab.Land dec
Upon inspection, we determined that the "Nibiru Chain Engagement Airdrop" is fake. This scam impersonates the Nibiru blockchain network (nibiru.fi). It entices users into exposing their digital wallets to a cryptocurrency drainer by promising rewards for their engagement. This scheme is di
Our research team discovered DumbStackz while investigating new submissions to the VirusTotal site. This malicious program is based on the Chaos ransomware. DumbStackz is designed to encrypt files and demand payment for the decryption. On our testing system, this ransomware encrypted files and ad
In our examination of the site, we discovered that it promotes the opportunity for individuals to obtain free cryptocurrency ($TOSHI). However, this scheme is among many designed to steal cryptocurrency from victims. Users are strongly recommended to disregard such pages to prevent financial loss
Our research team discovered a fake Google extension – "Save to Google Drive" – while investigating a Torrenting site that uses rogue advertising networks. This extension has data-tracking abilities and can make various modifications to browser settings. It must be emphasized that this "Save to G
Upon investigating the site, we found it to be a fraudulent website posing as the official ton[.]org page. Scammers have crafted this deceptive webpage with the intention of swindling cryptocurrency from unsuspecting users. Their goal is to deceive users into taking actions that lead to the theft
Through our analysis of the Senator malware, we determined that it is ransomware employed by cybercriminals to coerce victims to pay a ransom. We discovered Senator ransomware while examining malware samples on VirusTotal. In addition to encrypting files, Senator modifies filenames and drops a ran