After careful examination, it has been established that this email is a fraudulent scheme designed to deceive recipients into thinking they have been selected as beneficiaries with the prospect of receiving a substantial sum of money. Typically, the perpetrators behind such emails aim to extract p
Following an examination, it has been determined that ConnectedMethod is an undesirable software acting as adware. ConnectedMethod's primary function is to showcase bothersome and intrusive advertisements. It is important to highlight that applications similar to ConnectedMethod may be crafted t
In our analysis, it was determined that Rdptest functions as ransomware. Upon penetrating the operating system, Rdptest encrypts and changes the names of files, presenting two ransom notes ("info.hta" and "info.txt"). This particular ransomware belongs to the Phobos family and was identified durin
After inspecting the "Upgrade Mailbox Quota" email, we determined that it is spam. By claiming that the recipient's email account requires immediate upgrades – this phishing mail aims to trick them into disclosing their log-in credentials. The spam email with the subject "Disconnection Not
"WalletConnect & Web3Inbox Airdrop" is a scam. It is presented as an airdrop held by the WalletConnect and Web3Inbox. The scheme is not associated with any legitimate services or other entities. This scam operates as a cryptocurrency drainer and steals the funds stored in victims' digital wall
Dedsec is ransomware (discovered by S!Ri) designed to encrypt files and demand payment in return for their decryption. Additionally, Dedsec renames all affected files by appending the ".dedsec" extension, changes the desktop wallpaper, and displays a pop-up window with a ransom note. An example o
While investigating suspicious websites, our researchers discovered the santionrerm.co[.]in rogue page. It operates by promoting browser notification spam. Additionally, this webpage can redirect visitors to other (likely dubious/malicious) sites. Users primarily access santionrerm.co[.]in and pag
While reviewing dubious websites, our research team discovered an installer containing the CarcharhinusLeucas browser extension. This malicious software manages/modifies Google Chrome and Microsoft Edge browsers. Additionally, CarcharhinusLeucas has data-tracking abilities. It is noteworthy that
Upon examining the email, we found that it is a typical example of a phishing email, attempting to deceive the recipient into providing personal information and (or) sending funds. It claims that a recipient has been selected as a beneficiary for a certain amount of money. Such emails should be ig
Kasseika is a ransomware-type program. It operates by encrypting data in order to demand payment for the decryption. On our test machine, Kasseika encrypted files and altered their filenames. Original file titles were appended with an extension comprising a random character string. To elaborate,