It has been revealed that this is a scam related to cryptocurrency, strategically devised to deceive unsuspecting users into engaging in a counterfeit giveaway. The primary objective pursued by the perpetrators orchestrating this Earndrop scam is the illicit acquisition of cryptocurrency through f
Upon examination, it has been determined that StenonychosaurusInequalis is a questionable browser extension capable of accessing diverse information, controlling themes and other extensions, and enabling the "Managed by your organization" feature in Chrome and Edge browsers. Consequently, users ar
Following a thorough investigation, it has come to light that this is a cryptocurrency scam designed to exploit unsuspecting individuals by stealing their digital assets. The scam is propagated through X (Twitter) and a deceptive webpage promoting a fraudulent giveaway. Consequently, users are str
Prime, a malicious software, specializes in pilfering sensitive information from Windows users. This cunning threat exhibits proficiency in extracting a broad spectrum of data, including but not limited to browser data, crypto details, Discord data, system information, and various other data. This
Tutu is ransomware belonging to the Dharma family. Its purpose is to prevent victims from accessing files by encrypting them. Tutu renames files using a specific pattern and displays a pop-up window (and creates the "README!.txt" file) containing a ransom note. This ransomware appends the victim'
This is a fraudulent scheme where scammers attempt to deceive unsuspecting individuals and steal their cryptocurrency. Perpetrators employ a deceptive giveaway scheme, advertised through posts on X (previously known as Twitter) alongside a bogus website, to entice victims into falling for their pl
Rapid is ransomware belonging to the MedusaLocker family. The discovery of this ransomware occurred during an examination of samples on VirusTotal. The main goal of Rapid is to restrict access to files by encrypting them. Additionally, Rapid renames files (appends its extension) and creates a rans
Our analysis determined that Unicom is a malicious application (unrelated to UNICOM Global) disseminated through a malicious installer hosted on an unreliable webpage. The specific intent of Unicom remains unclear. It is important to highlight that the installer responsible for distributing Unicom
During a review of malware samples submitted to VirusTotal, a ransomware variant based on Chaos and dubbed Z912 has been discovered. Z912 blocks access to files using encryption and appends four random characters to filenames. Also, Z912 creates a ransom note (the file named "Importante para recup
After thoroughly examining a malevolent installer, it has been established that the application included in this installer, CasuariusCasuarius, is an untrustworthy browser extension. This extension has the capability to enable the "Managed by your organization" feature in Chrome and Edge browsers,