After reading this "Data From All Your Devices Is Copied To My Servers" email, we determined that it is a sextortion scam. This spam message claims that the recipient's devices were infected, and the malware was used to record a sexually explicit video of them. If the recipient refuses to meet the
Whiventatism[.]com is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. This page promotes browser notification spam and generates redirects to different (likely unreliable/dangerous) websites. The majority of visitors to whiventatism[.]com and similar
Our research team found the chmicutuding[.]com rogue page while browsing dubious websites. Upon examination, we determined that this webpage endorses browser notification spam and redirects users to other (likely untrustworthy/malicious) sites. Most visitors to chmicutuding[.]com and similar pages
Our inspection of the "Cloud - Your Payment Method Has Expired" email revealed that it is spam. This is a phishing email targeting recipients' financial information by claiming that they have run out of Cloud storage and recommending an upgrade. The spam email with the subject "Cloud Stora
PylangGhost is a Remote Access Trojan (RAT) written in the Python programming language. This program enables remote access and control over infected devices. The trojan can cause chain infections and steal sensitive information. PylangGhost is used exclusively by Famous Chollima (also known as Wa
KimJongRAT is malicious software designed to secretly infiltrate computers, steal sensitive data, and allow attackers to control them remotely. It has at least two variants: one built and executed using PowerShell and the other using a Portable Executable (PE) file. The malware collects browser da
Basta is ransomware that our team has discovered during analysis of malware samples uploaded to VirusTotal. Basta encrypts files and appends the victim's ID, an email address, and the ".basta" extension to files. For example, it renames "1.jpg" to "1.jpg.[2AF20FA3].[basta2025@onionmail.com].basta"
GolangGhost is a RAT (Remote Access Trojan) targeting Mac operating systems. It is written in the Go programming language (Golang). This malware enables remote access/control over infected machines. It has backdoor and stealer-type functionalities. GolangGhost has been spread through job offer/
We have inspected the email and discovered that it is a message posing as a notice from Spotify regarding a recent payment. The scammers behind this fraudulent email attempt to steal personal information from recipients. Whoever receives this email should ignore it. This scam email claims
Our analysis of streamadsfeed[.]top shows that it is designed to deliver deceptive notifications. Since it requires user permission to do so, the site uses a clickbait tactic to trick visitors into allowing them. Pages like streamadsfeed[.]top are untrustworthy and should be closed immediately if