BackMyData is a ransomware variant belonging to the Phobos family that we discovered during an inspection of malware samples submitted to VirusTotal. We found that BackMyData encrypts files, renames files, and provides two ransom notes ("info.hta" and "info.txt"). BackMyData renames files by appe
RustDoor is a Mac-targeting malware written in the Rust programming language. This malicious program has been around since at least the autumn of 2023. At the time of writing, three variants of RustDoor have been discovered (with the initial one speculated to be a test version). This program is
Upon closer inspection of the application, we identified that Extended Search - Default Search is a browser hijacker that promotes extended-search.com. This extension hijacks a browser by modifying its settings. Also, Extended Search - Default Search may be capable of collecting browsing-related a
Upon reviewing the email, we have determined that it is a fraudulent message masquerading as a business proposal. The scammers intend to entice recipients into participating in an advance-fee scheme. Furthermore, it is imperative to exercise caution and refrain from disclosing any information in r
Our researchers found the SaveSysBoot application while checking out new file submissions to the VirusTotal site. After investigating this piece of software, we determined that it is adware from the AdLoad malware family. SaveSysBoot runs intrusive advertisement campaigns, and it may have additi
After inspecting "PayPal Stablecoin", we determined that it is a scam imitating the PayPal online payment/ money transferring platform. This fake site offers users the chance to claim PayPal USD cryptocurrency. The scheme operates as a crypto drainer. This scam mimics the design of PayPal'
Upon inspecting "Tesla Space X Investment", we determined that it is a scam. It is presented as an elaborate online platform offering investments and other related services. However, its purpose is to deceive users into transferring cryptocurrency to the scammers' wallets. This scam appear
While examining this scheme (supposedly an ezPoints reward program), we unveiled its deceptive guise as a legitimate offer to receive ezPoints in exchange for nominal cryptocurrency deposits. The purpose of this scam is to trick unsuspecting individuals into performing certain actions leading to m
In our evaluation of the MouseOption application, it came to light that it exhibits intrusive advertisements. As a result, MouseOption has been categorized as adware. It is important to mention that software falling under this category often has the capability to collect various types of informa
Cavernexplorer[.]com is the address of a rogue webpage discovered by our research team during a routine investigation of unreliable sites. Upon inspection, we determined that this page promotes browser notification spam and redirects users to other (likely untrustworthy/dangerous) websites. The m