While investigating suspicious sites, our research team discovered a webpage promoting a fake software "crack". From this page, we downloaded an installation setup containing a Potentially Unwanted Application (PUA) called Mantras_and_meditations_for_groups. It is pertinent to mention that this in
We have determined that this email is a phishing attempt orchestrated by scammers. The fraudulent intent is to entice recipients to access a deceptive website and divulge personal information. The phishing email disguises itself as a communication from Alibaba, a legitimate Chinese multinational t
Upon investigation of gebehee[.]top, it was observed that the website presents users with a deceptive survey and requests permission to send notifications. Additionally, gebehee[.]top redirects visitors to other questionable websites. As a result, users are strongly advised to refrain from visitin
This "AppleCoin" platform is a scam. It operates as a crypto drainer, i.e., empties the cryptocurrency stored in wallets connected to it. This "AppleCoin" scheme has been observed being endorsed by posts made on the X (more commonly known by its former name – Twitter) social media platform.
PureLand is a stealer-type malware targeting Mac devices. Programs within this classification are designed to steal information from infected systems. PureLand targets cryptocurrency wallets and other sensitive data. This malware has been observed being spread under the guise of a Play-to-Earn
PDFsharp seems to be a tool designed for handling PDF files. Yet, upon thorough examination, it emerges as an unreliable application with an unclear purpose. Additionally, it comes bundled with other dubious apps - it gets installed together with other suspicious elements. Consequently, it is stro
After a review, it has been established that PachycephalosaurusWyomingensis is a shady browser extension distributed via a malicious installer. PachycephalosaurusWyomingensis raises concerns due to its ability to activate the "Managed by your organization" feature in Chrome and Edge browsers, mana
PatchWorkApt is a ransomware variant based on Chaos. It has been discovered while examining malware samples uploaded to VirusTotal. Upon infiltrating a computer, PatchWorkApt encrypts files, appends a string of random characters to filenames, and creates the "look_this.txt" file (a ransom note).
CanisLupusGregoryi was discovered as a dubious application while examining a malicious installer downloaded from an untrustworthy page. This application has the ability to enable the "Managed by your organization" feature in Chrome and Edge browsers, read various data, and manage extensions and th
While investigating new malware submissions to the VirusTotal website, our researchers discovered the 3000USDAA ransomware. This program operates by encrypting data and demanding payment for its decryption. 3000USDAA encrypted files and appended their names with the attackers' email address and a