PDFsharp seems to be a tool designed for handling PDF files. Yet, upon thorough examination, it emerges as an unreliable application with an unclear purpose. Additionally, it comes bundled with other dubious apps - it gets installed together with other suspicious elements. Consequently, it is stro
After a review, it has been established that PachycephalosaurusWyomingensis is a shady browser extension distributed via a malicious installer. PachycephalosaurusWyomingensis raises concerns due to its ability to activate the "Managed by your organization" feature in Chrome and Edge browsers, mana
PatchWorkApt is a ransomware variant based on Chaos. It has been discovered while examining malware samples uploaded to VirusTotal. Upon infiltrating a computer, PatchWorkApt encrypts files, appends a string of random characters to filenames, and creates the "look_this.txt" file (a ransom note).
CanisLupusGregoryi was discovered as a dubious application while examining a malicious installer downloaded from an untrustworthy page. This application has the ability to enable the "Managed by your organization" feature in Chrome and Edge browsers, read various data, and manage extensions and th
While investigating new malware submissions to the VirusTotal website, our researchers discovered the 3000USDAA ransomware. This program operates by encrypting data and demanding payment for its decryption. 3000USDAA encrypted files and appended their names with the attackers' email address and a
Upon inspection of the "DHL Agreement Documents" email, we determined that it is spam. This letter is disguised as a notification from DHL Express – the mail service of the DHL logistics company. It claims to contain copies of documentation as an attachment. However, it is a phishing file targetin
Our researchers discovered an installer containing CastaneaSativa during a routine investigation of deceptive sites. Upon analysis, we learned that this malicious extension tracks browsing data and modifies browsers. CastaneaSativa is capable of managing the apps, extensions, themes, and o
"QQL Mint Pass" is a scam that operates as a crypto drainer. This scheme is modeled on the QQL generative art collaborative experiment that is linked to the Archipelago platform. The QQL algorithm allows users who possess a Mint Pass to create (mint) official QQL NFTs (Non-Fungible Tokens) with th
After a thorough examination, the determined outcome is that this appears to be a fraudulent scheme posing as a giveaway (in the form of an airdrop event) supposedly organized by Binance and MetaMask. It has been devised by scammers with the intent of pilfering cryptocurrency from unsuspecting ind
Earthheartsmith[.]top is the address of a rogue webpage discovered by our researchers during a routine inspection of dubious sites. After investigating this page, we determined that it is designed to promote browser notification spam and redirect visitors to other (likely unreliable/harmful) websi