Our research team discovered the Backoff ransomware while investigating new submissions to the VirusTotal website. This malicious program is based on the Chaos ransomware family. Malware within this category encrypts data and demands ransoms for its decryption. Backoff encrypted files and appende
Our analysis of the PachyrhinosaurusLakustai app revealed worrisome capabilities, such as reading and altering data on websites, managing browser themes and extensions, and activating the "Managed by your organization" feature in Chrome and Edge browsers. Its distribution is facilitated through a
Our researchers found the HelperFraction application while checking out new file submissions to VirusTotal. Following our analysis, we determined that this app is advertising-supported software (adware). HelperFraction is also part of the AdLoad malware family. Applications within this group run
When examining the app, we noted that StratocumulusCastellanus is a shady app that can read and change data on websites, manage themes and extensions within a browser, and activate the "Managed by your organization" feature in Chrome and Edge browsers. Moreover, StratocumulusCastellanus is distrib
While investigating new file submissions to the VirusTotal site, our research team discovered the Frivinho ransomware. This malicious program operates by encrypting data and demanding payment for its decryption. On our test machine, this ransomware encrypted files and appended their filenames wit
Upon inspecting this webpage and the associated post on X (Twitter) promoting it, it became evident that it constitutes a fraudulent giveaway, designed as a scam to pilfer cryptocurrency from unsuspecting individuals. Scammers commonly use enticing prizes or giveaways to attract victims into falli
Recently, cracked apps on pirating websites that carried a Trojan proxy were discovered. The bad actors took pre-cracked apps, repackaged them as PKG files, and hid a Trojan proxy along with a script to infect systems after installation. The application named Activator is also involved in the ma
After inspecting the "ZetaChain Airdrop", we determined that it is fake. This cryptocurrency airdrop is supposedly run on the ZetaChain platform. While the scam webpage appears practically identical to the original website, it is fraudulent and operates as a crypto drainer once a user connects the
After examining the application, it was determined that LaserGradualActivity functions as adware, displaying unwanted advertisements to users. In addition to ad display, LaserGradualActivity may collect various user data. It is advisable to refrain from installing LaserGradualActivity and to rem
Upon inspection of Araucarian.app, it was observed that it functions as adware. It can present intrusive advertisements and is associated with the Pirrit family. Additionally, Araucarian.app may possess the ability to access and collect diverse information. It is advisable not to trust Araucaria