Upon testing, it has become apparent that CrocutaCrocuta is a malicious extension capable of reading data on all websites, enabling the "Managed your organization" feature, and performing other actions within Chrome (and Edge) browsers. CrocutaCrocuta has been discovered after obtaining a maliciou
OptimizationSquare is a rogue app that we discovered during a routine review of new submissions to the VirusTotal website. After analyzing this application, we determined that it is advertising-supported software (adware). OptimizationSquare is part of the AdLoad malware family. Adware i
We have identified this email as a fraudulent scheme orchestrated by scammers seeking to acquire personal information from recipients. These deceptive emails are widely recognized as phishing attempts. In this case, the scammers masquerade as an email service provider to extract information.
After examining the "FedEx - Delivery Of The Suspended Package" email, we determined that it is spam. This fake letter states that the recipient has a pending package delivery. It must be stressed that the information provided by this phishing email is false, and this mail is in no way associated
We have determined that this email is a fraudulent attempt by scammers to obtain personal information from recipients. Such emails are commonly known as phishing emails. In this instance, scammers pose as an email service provider to entice recipients into revealing their information on a phishing
BlackLegion is ransomware that restricts access to files by encrypting them. Victims cannot open encrypted files without decrypting them. Additionally, BlackLegion creates a ransom note ("DecryptNote.txt") and renames files by appending a string of random characters, an email address, and the ".Bl
Based on our analysis, it has been determined that ConnectedServer is adware. ConnectedServer bombards users with annoying advertisements. Additionally, it possesses the potential to gather diverse data. Typically, applications like ConnectedServer are promoted and disseminated through deceptive
Upon meticulous examination, it has been identified that this email is a typical phishing attempt. Perpetrators orchestrating this phishing campaign masquerade as DHL, a reputable logistics company specializing in courier, package delivery, and express mail services. Their objective is to deceive
Iranian banking trojan refers to an Android-specific malware targeting the customers of multiple Iranian banks. The first campaigns involving this trojan were observed back in December of 2022. While having undergone several iterations, these campaigns are still active as of the time of writing.
Our research team discovered the AdminLibrary rogue app while investigating new submissions to the VirusTotal website. Upon inspection, we identified this application as adware belonging to the AdLoad malware family. AdminLibrary operates by running intrusive advertisement campaigns. Adw