While examining malware samples submitted to VirusTotal, our team discovered ransomware dubbed LIVE TEAM. Like most ransomware variants, LIVE TEAM encrypts files, modifies filenames of encrypted files, and provides a ransom note. It appends the ".LIVE" extension to filenames and drops the "FILE RE
Our examination has uncovered that this is a deceptive plot posing as an authentic giveaway (airdrop) of $FAR tokens. The main objective of scammers behind this fraudulent scheme is to obtain cryptocurrency from unsuspecting users. As a result, it is recommended to ignore and refrain from interact
Based on our scrutiny, it has been determined that app_assistant is an advertising-supported application designed to bombard users with intrusive advertisements. As a rule, users obtain apps like app_assistant from unreliable sources. In addition to showing ads, app_assistant may perform other a
After careful analysis, it has been established that JuniperusCommunis is a dubious browser extension with the ability to access varied information, manipulate themes and other extensions, and activate the "Managed by your organization" feature in Chrome and Edge browsers. As a result, users are s
Our investigation reveals that this is a deceptive scheme masquerading as a genuine giveaway of $Frame tokens. The primary goal of this fraudulent operation is to acquire cryptocurrency from unsuspecting individuals. Therefore, it is advised to disregard and avoid engaging with it. This fa
During our analysis of samples submitted to VirusTotal, we discovered a ransomware variant known as Shuriken. This particular ransomware encrypts files, alters filenames, and generates a ransom note named "READ-ME-SHURKEWIN.txt". Additionally, Shuriken presents another ransom note before victims l
Our examination shows that this is a fraudulent operation posing as a platform offering the discovery of cryptocurrency airdrops (distribution of free cryptocurrency tokens or coins). The underlying intent of this scam is to obtain (steal) cryptocurrency from unsuspecting individuals. Thus, it sho
During a review of samples submitted to the VirusTotal website, a ransomware dubbed Empire has been discovered. Empire prevents victims from accessing their files by encrypting them. Also, it appends the ".emp" extension to filenames. For example, it renames "1.jpg" to "1.jpg.emp", "2.png" to "2.p
Upon close inspection, the outcome of our examination is that Isoindazole.app is a dubious application that functions as adware. Once installed, Isoindazole.app displays unwanted and annoying advertisements. It is important to note that Isoindazole.app is part of the Pirrit family. Appli
Albabat is malware classified as ransomware. It encrypts files, adds the ".abbt" extension to filenames, changes the desktop wallpaper, and creates the "README.html" file (a ransom note). An example of how files encrypted by Albabat are renamed: "1.jpg" is changed to "1.jpg.abbt", "2.png" is chang