After inspecting the "Expiry Notice" email, we determined that it is spam. This bogus mail informs that the recipient's email account will expire within 48 hours. The scam letter redirects the recipient to a phishing website that imitates their email sign-in page. This spam email states th
During an investigation of an installer obtained from an unreliable website, we discovered a malicious extension named MegatheriumAmericanum. Our analysis uncovered concerning features, including its ability to activate the "Managed by your organization" setting within the Chrome browser, access u
Our examination of the "Quote Order" email revealed that it is spam. The fake letter requests to review the attached quote order. However, this email does not include an attachment, and the button in the body of the letter redirects to a phishing website. It mimics the recipient's email account si
After inspecting the "Recovered Stolen Funds And Crypto Currency" email, we determined that it is spam. The letter claims that an organization dealing in fund recovery has recovered the cryptocurrency stolen from the recipient. The most likely goal of this scam mail is to trick recipients into di
Upon examination, it has been found that this email is a phishing scam. Those behind this scam campaign aim to lure recipients into sharing sensitive information via a fraudulent webpage. Consequently, it is strongly recommended to ignore and not respond to this email or similar ones. In t
Upon inspection, it has been identified that this email is a phishing scam. The individuals orchestrating this spam campaign intend to entice recipients into divulging sensitive information through a fraudulent page. Therefore, it is highly advisable to disregard this and similar emails. I
While examining an installer downloaded from an untrustworthy website, we came across the DromaiusNovaehollandiae browser extension. The analysis revealed troubling functionalities associated with this extension, including its capacity to enable the "Managed by your organization" feature in the Ch
Ttza is a ransomware variant that conducts file encryption and appends the ".ttza" extension to the filenames of all the files it affects. Additionally, it generates a ransom note named "_readme.txt", which contains contact information and payment instructions. Ttza belongs to the Djvu ransomware
While analyzing malware samples submitted to the VirusTotal page, we encountered the Ttap ransomware. This malicious software encrypts a range of files and appends the ".ttap" extension to their filenames. Moreover, the ransomware creates a text file (named "_readme.txt") that contains a ransom no
Our researchers discovered the ProgressLauncher adware while investigating new submissions to the VirusTotal site. This application is part of the AdLoad malware family. ProgressLauncher is designed to generate revenue for its developers by feeding users with undesirable and potentially maliciou