While investigating new file submissions to VirusTotal, our research team discovered yet another ransomware from the MedusaLocker family – titled Zombi. This malicious program encrypts data and demands ransoms for its decryption. It targets large entities (companies, organizations, etc.) rather t
After thoroughly examining the SpinosaurusAegyptiacus application, it has been established that this is an untrustworthy app with the ability to access a wide range of data and manage browser components. Also, it is distributed through a malicious installer. Consequently, users are strongly advise
Things To Do is a browser extension endorsed as a tool that allows users to create to-do lists. We discovered this piece of software during a routine inspection of untrustworthy websites. Our examination revealed that Things To Do is a browser hijacker. The extension changes browser settings to p
A new ransomware variant, referred to as Read and associated with the Makop family, has been uncovered during an examination of malware samples submitted to VirusTotal. This variant encrypts files and alters their filenames, in addition to creating the "+README-WARNING+.txt" file featuring a ranso
A recently identified ransomware variant, known as 34678 and affiliated with the Dharma family, has come to light following an analysis of malware samples submitted to VirusTotal. 34678 encrypts files and changes their filenames. Also, it displays a pop-up window containing a ransom note and gener
Upon our review of this email, we have ascertained that it originates from fraudulent individuals. The primary objective of this deceptive email is to trick recipients into thinking it pertains to their data security and account protection. The scammers responsible for this scam endeavor to entice
A recently discovered macOS malware called KandyKorn has been found in an attack linked to the North Korean Lazarus hacking group. Their targets are blockchain engineers who work with cryptocurrency exchange platforms. The attackers pretend to be part of the cryptocurrency community on Discord t
During our analysis of malware samples on the VirusTotal platform, we came across the Yzqe ransomware, which is associated with the Djvu family. When it infects a computer, this ransomware encrypts data and appends the ".yzqe" extension to file names. For instance, a file named "1.jpg" would be al
While examining malware samples submitted to VirusTotal, we encountered the Yzoo ransomware, which has ties to the Djvu family. In the event of a computer becoming infected with Yzoo, it proceeds to encrypt files and add the ".yzoo" extension to their original file names. For example, "1.jpg" woul
Our research team found the DeepInDeep ransomware while reviewing new malware submissions to VirusTotal. This program is part of the Phobos ransomware family. Ransomware is designed to encrypt files and demand ransoms for its decryption, and DeepInDeep is not an exception. This malware alters the