Upon inspection, we determined that "LEDGER SECURITY" is spam. This fake email states that a security vulnerability has been discovered on the recipient's Ledger hardware cryptocurrency wallet. This spam mail promotes a phishing website that targets wallet log-in credentials. The "LEDGER S
After a comprehensive examination, it has been revealed that PakicetusAttocki is an unreliable application distributed via a malicious installer. Once added, PakicetusAttocki activates the "Managed by your organization" feature (in Chrome or Edge browser). Also, this app can manage extensions and
Following a thorough examination, it has been determined that Plebeianness.app inundates users with bothersome advertisements. Applications of this nature are categorized as adware. Besides showcasing ads, Plebeianness.app may also collect user data. It is worth noting that Plebeianness.app belo
In the course of our review of malware samples submitted to VirusTotal, it has been identified that Ljaz is ransomware belonging to the Djvu family. Ljaz encrypts files, appends its extension (".ljaz") to filenames), and creates the "_readme.txt" file (a ransom note). An example of how Ljaz modif
In the process of our thorough assessment of malware samples submitted to the VirusTotal page, it has surfaced that Ljuy is ransomware that belongs to the Djvu family. Ljuy encrypts files and appends its extension (".ljuy") to filenames. For instance, it changes "1.jpg" to "1.jpg.ljuy", "2.png" to
Lifebestconcept[.]com is the address of a rogue webpage discovered by our research team during a routine inspection of untrustworthy sites. It is designed to promote scams and spam browser notifications. The lifebestconcept[.]com page can also redirect visitors elsewhere (likely dubious/malicious
While investigating new submissions to the VirusTotal website, our research team discovered the Laser.app application. After inspecting this piece of software, we determined that it is adware from the Pirrit malware family. Laser.app operates by feeding users with undesirable and deceptive adver
"Managed by Your Organization" is a feature on Microsoft Edge browsers. Its purpose is to enable administrators/managers to tailor browser operation within an establishment. For example, within an organization, this functionality allows for various policies to be set for browsing and browsers. Ho
Security vendors assign the name Win32/Floxif upon detecting the presence of backdoor malware. This type of malware is known for its ability to secretly create unauthorized access points in the infected system, enabling remote control and execution of malicious activities by the attackers.
The SugarGh0st malware is a Remote Access Trojan (RAT). It establishes remote access and control over infected machines. It is highly likely that SugarGh0st is based on the Gh0st RAT. This malicious program has been observed being utilized in multiple campaigns, possibly starting as early as Augu