During our comprehensive analysis of malware samples submitted to the VirusTotal page, it has been identified that Cdpo is a ransomware variant associated with the Djvu family. Cdpo encrypts files and adds its extension (".cdpo") to the filenames. For example, it renames "1.jpg" to "1.jpg.cdpo", "
Our research team discovered a deceptive website pushing a suspicious installation setup during a routine investigation of untrustworthy sites. Therein, we found the CallorhinusUrsinus malicious extension. This piece of software targets Google Chrome and Microsoft Edge browsers. The extension has
Upon reviewing the "SLEEPLESS AI Airdrop", we determined that it is a fake airdrop. This giveaway promises to distribute Sleepless AI (AI) cryptocurrency for free. Instead, this scheme operates as a cryptocurrency drainer – meaning that the scammers steal the funds stored in connected wallets. It
In the process of an evaluation, it has surfaced that Simulatively.app is one of the unreliable apps from the Pirrit family that is designed to show intrusive advertisements. Apps that function like Simulatively.app are categorized as adware. Commonly, adware is promoted using deceptive methods
While investigating websites that utilize rogue advertising networks, our research team found the Daily Guard browser extension. It is promoted as an adblocker capable of blocking online advertisements (including on YouTube) and trackers, as well as preventing access to malicious sites. However,
Upon examination, it has been determined that this is a deceptive scheme masquerading as a giveaway associated with the legitimate platform Plug, which serves as an Internet Computer (IC) browser crypto wallet and authentication provider. The purpose of this scam is to steal cryptocurrency from in
AdminHelper is a rogue application, which we determined to be adware. Our examination revealed that this piece of software operates by running intrusive ad campaigns. It is noteworthy that AdminHelper is part of the AdLoad malware family. Adware stands for advertising-supported software.
Upon scrutinizing this email, it has been established that it constitutes a fraudulent notification regarding a purported Spotify subscription payment failure. This communication is designed by malicious actors to deceive unsuspecting recipients into divulging personal information and (or) making
Your Search Bar is a rogue browser extension that works as browser-hijacking software. Our analysis revealed that this extension makes alterations to browser settings in order to promote (through redirects) the yoursearchbar.me fake search engine. Browser hijackers typically modify browser
GoSorry, a malicious software crafted in the Go programming language, operates as an information-stealing malware designed to compromise macOS systems' security. This insidious threat focuses on infiltrating browser data and stealing sensitive information from cryptocurrency wallets, posing a si