In the process of an assessment of malware samples uploaded to VirusTotal, a ransomware variant dubbed ChocVM and belonging to the Makop family has been discovered. ChocVM encrypts files, changes the desktop wallpaper, modifies filenames of encrypted files, and creates the "+README-WARNING+.txt" f
In the course of our review, it has been identified that this is a scam email designed to exploit fear and intimidation. The email adopts a threatening tone, emphasizing financial motives and threatening irreversible consequences if the recipient fails to comply with specified instructions.
Upon inspection, we found that this is a fake cryptocurrency giveaway promoted via X (formerly known as Twitter). The scammers behind this scheme have the malicious intent of deceiving individuals and pilfering their cryptocurrency. It is crucial for users to exercise caution and verify the authen
Xamalicious is a backdoor malware targeting Android users. This malicious software is composed using Xamarin, an open-source framework. Xamalicious aims to gain accessibility privileges. Upon obtaining these privileges, Xamalicious can trigger the download of a second-stage payload. Upon e
After a thorough examination, it is evident that the claimed giveaway is, in fact, a fraudulent cryptocurrency scheme. This deceitful ploy is actively circulated through X (formerly known as Twitter) with the explicit intention of deceiving unsuspecting individuals and illicitly acquiring their cr
During our comprehensive evaluation, it has come to light that this email is deceptive and crafted by cybercriminals. The message asserts the presence of an attached file containing a packaging list. However, the attachment is malicious, designed to deceive recipients into executing malware on the
During an examination of malware samples submitted to VirusTotal, the presence of the BO Team ransomware has been identified. BO Team encrypts files, appends the ".bot" extension to filenames, and drops a ransom note (the "How To Restore Your Files.txt" file). An illustration of how the BO Team r
Cdmx has been discovered while examining malware samples on the VirusTotal site. It has been found that Cdmx belongs to the Djvu ransomware family. Its main goal is to encrypt files, and it also alters file names by adding the ".cdmx" extension while producing a ransom note named "_readme.txt". B
During analysis of malware samples submitted to VirusTotal, a ransomware variant belonging to the Djvu family has been discovered. This variant is dubbed Cdqw, and its purpose is to encrypt files. Also, Cdqw appends its extension (".cdqw") to filenames and creates a ransom note ("_readme.txt"). A
Following an analysis, it has been determined that reksaitesurvey[.]space is an unreliable website featuring deceptive content. Additionally, reksaitesurvey[.]space seeks to display notifications and can redirect users to other dubious pages. Consequently, users are strongly cautioned against plac