Planet Stealer is a malicious software designed to extract sensitive information from compromised computers. It targets data from browsers, cryptocurrency wallets, Discord, and more. The creators of this malware offer it for sale at $75 per week or $200 per month. Planet stealer is a sophi
Our researchers found the Zarik Locker ransomware while reviewing file submissions to the VirusTotal site. Malware of this kind encrypts data and demands ransoms for its decryption. After we executed a sample of Zarik Locker on our testing system, it encrypted files and added a ".zarik5313" exten
During our examination of the myondsshop[.]com page, we discovered that it employs clickbait (a deceptive technique) to trick visitors into allowing it to send notifications. We also found that myondsshop[.]com has at least two designs and can redirect users to similar websites. Myondsshop
We have examined the email and discovered that it is a fraudulent email masquerading as a notification from an email service provider. The perpetrators of this scam aim to entice recipients into disclosing sensitive information on a counterfeit login page. Such emails are commonly referred to as p
After reviewing the "I Compromised Your Operating System" email, we determined that it is spam. The letter falsely claims that the sender has infected the recipient's devices with a trojan. This malware was used to record and edit a compromising video of the recipient, which will be leaked to thei
We have examined the email and discovered that it is a phishing attempt. This email is disguised as a communication from a remittance officer concerning payment refunds. The individuals orchestrating this scam intend to trick recipients into revealing personal information and (or) transferring mon
In the course of our inspection of malware samples uploaded to the VirusTotal site, we came across a Skynet ransomware variant dubbed Payuranson. The purpose of this malware is to encrypt files. Additionally, Payuranson creates a ransom note ("SkynetData.txt") and renames files (appends the ".payu
After conducting an examination of the malware samples provided on the VirusTotal platform, we have identified Wiaw as a variant belonging to the Djvu ransomware family. Wiaw operates by encrypting files and altering their filenames, adding the ".wiaw" extension. As an illustration, it transforms
While analyzing malware samples submitted to VirusTotal, we identified Wisz as ransomware linked to the Djvu family. Wisz ransomware encrypts files on the victim's system, appending the ".wisz" extension to their filenames. Additionally, it generates a "_README.txt" file containing a ransom note.
Our researchers discovered the AnalogInterface app while inspecting new file submissions to the VirusTotal platform. After examining this software, we determined that it is adware. AnalogInterface is part of the AdLoad malware family. It is designed to run intrusive ad campaigns and may have oth