"WELL Earn Eligibility" is a scam that operates as a cryptocurrency drainer. The scheme is presented as an airdrop-type event where users may receive WELL tokens. By attempting to check their eligibility for participation, users expose their cryptowallets to the scam that then begins draining them
Secles is a data-encrypting malware discovered by our research team during a routine inspection of new submissions to the VirusTotal platform. Programs that encrypt files to demand decryption ransoms are classified as ransomware. After we executed a sample of Secles on our testing system, it encr
Our analysis indicates that ElementaryFrame is an advertising-supported program designed to display advertisements. In addition to its primary function of showcasing ads, ElementaryFrame may also gather various types of information. Due to its lack of reliability and potential privacy concerns,
During analysis of ourcommonnewz[.]com, it came to our attention that the page uses clickbait to lure visitors into agreeing to receive notifications. Upon visiting ourcommonnewz[.]com, users are presented with misleading content. Also, ourcommonnewz[.]com can redirect to similar sites. Ou
While investigating new malware submissions to VirusTotal, our research team found the Ebaka ransomware. This malicious program is part of the Phobos ransomware family. Ebaka is designed to encrypt files and demands ransoms for their decryption. On our testing system, this malware altered files (
NOOSE is ransomware from the Chaos family. Once a computer is infected, NOOSE encrypts files, appends the ".NOOSE" extension, changes the desktop wallpaper, and creates the "OPEN_ME.txt" file (a ransom note). An example of how files encrypted by NOOSE are renamed: "1.jpg" is changed to "1.jpg.NOOS
In the course of our inspection, we came across the finding that Nematoda is a dubious application distributed via a malicious installer. Once added, Nematoda enables the "Managed by your organization" feature. Also, this extension can read and change various data and manage other extensions (and
GreatestZone is a rogue app classed as adware. This piece of software is part of the AdLoad malware family. It is designed to run intrusive ad campaigns but may exhibit other harmful capabilities as well. Our researchers discovered GreatestZone during a routine investigation of new submissions t
Our examination revealed that ProfessionalServer is an advertising-supported program created to showcase advertisements. Beyond its ad-displaying function, ProfessionalServer may also collect diverse information. Given its lack of reliability, it is recommended to uninstall ProfessionalServer fr
In our examination, we have identified VBScrollLIB as a dubious program distributed through a malicious installer found on an untrustworthy website. The VBScrollLIB application shares similarities with another app named NPhoneRing. Given the unclear purpose of VBScrollLIB, it is advisable not to p