Upon reviewing the "Payroll Sheet" email, we determined that it is spam. The letter claims to include access to a payroll sheet, which the recipient is requested to review and approve. However, by attempting to do so – the user is redirected to a phishing website that targets email account log-in
The "PonDX" scam imitates the legitimate platform of the same name and operates as a cryptocurrency drainer. After a victim connects their wallet through the fake website, the funds stored therein are drained. The fake "PonDX" site that we investigated is an almost perfect copy of the legi
While investigating suspicious sites, our research team discovered the "Malicious Site Has Downloaded Infected Files To Your PC" scam. The purpose of this scheme is to trick users into thinking that virulent files have been downloaded onto their devices. In most cases, scams of this kind are utili
We have determined that desktopleads[.]info is one of the numerous deceptive sites designed to trick visitors into thinking that their computers are infected. Also, desktopleads[.]info wants to show notifications. Typically, users open sites like desktopleads[.]info unintentionally. It is highly a
After inspecting "SingularityNET - AGIX", we determined that it is a scam. This scheme operates as a cryptocurrency drainer and imitates the official website of the SingularityNET (SNET) platform. The legitimate website's URL is singularitynet.io, while the discovered imitator's agix[.]re (other v
Our researchers found Cumbha.app while reviewing new file submissions to the VirusTotal website. After analyzing this application, we learned that it is adware from the Pirrit malware family. Cumbha.app is designed to feed users with undesirable and potentially malicious advertisements.
Pings is malware we discovered during an analysis of malware samples submitted to VirusTotal. It was found that Pings is ransomware designed to encrypt files, provide a ransom note ("FILE RECOVERY.txt"), and rename files (append the ".pings" extension to filenames). Pings is used to extort money f
Mango ransomware is a malicious program discovered by our researchers during a routine inspection of new submissions to the VirusTotal platform. This malware is part of the Phobos ransomware family. Mango operates by encrypting files to demand payment for its decryption. After we launched a sampl
Evil Ant is malware classified as ransomware. The purpose of Evil Ant is to prevent victims from accessing their files by encrypting them. Also, Evil Ant changes the desktop wallpaper and displays a ransom note (a pop-up window) containing contact and payment information. Screenshot of files e
In the process of our thorough assessment, it has surfaced that ElementDisplay displays intrusive advertisements. Apps designed to bombard users with ads fall into the category of adware. Usually, apps like ElementDisplay are promoted and distributed using questionable methods to trick users int