We have examined the malware (which we discovered while inspecting malware samples submitted to VirusTotal) and found that it is ransomware belonging to the Dharma family. Upon execution, Kyj encrypts files and appends the victim's ID, an email address, and the ".kyj" extension to them. It also pr
Our analysis shows that this is a phishing email posing as a notification regarding a purchase agreement contract. This deceptive email includes a link to a fake website designed to steal personal information. Falling for this scam can lead to issues like account hijacking, identity theft, and oth
We have reviewed this email and concluded that it is a fake notification from DHL. The scammers behind this scam email aim to trick recipients into believing that they received a message regarding an expected "shipment document" and opening a fake website. Their ultimate goal is to steal personal
CryptoBot is information-stealing malware targeting macOS. It is written in the Go programming language, and its main goal is to search the infected computer for files related to cryptocurrency, such as wallet data or keys, and steal them. CryptoBot should be removed from infected computers as s
While investigating file submissions to the VirusTotal platform, our research team discovered the NetworkFormat rogue application. After inspecting this app, we determined that it is advertising-supported software (adware) from the AdLoad malware family. In most cases, adware operates by
This "Leave Request Form" message is a phishing email. The spam message claims that HR has shared a leave request form with the recipient. The goal of this scam is to deceive victims into revealing their email account log-in credentials to a phishing website. This spam email claims to be a
Our examination of this "Human Resource Internal Memo" email revealed that it is spam. This phishing message aims to trick recipients into revealing their email account log-in credentials by luring them with a fake salary compensation report. The spam email with the subject "Annual Payroll
After inspecting this "OneDrive - You Have A New Document" email, we determined that it is fake. This spam message alerts of a document concerning salary bonuses sent to the recipient. It must be emphasized that this scam email is not associated with the actual Microsoft OneDrive. The goal is to d
While investigating suspicious sites, our researchers discovered this fake "Pi Network Airdrop". It is a phishing scam targeting cryptocurrency wallet log-in credentials; victims are lured into exposing this information by the promise of an airdrop. It must be emphasized that this scam is not asso
Our researchers discovered the KaWaLocker ransomware while reviewing new malware submissions to the VirusTotal website. Malicious software within this category is designed to encrypt data and demand ransoms for the decryption. On our test machine, KaWaLocker encrypted files and added an extension