We have examined the malware and concluded that Run is ransomware from the Makop family. Our discovery of the ransomware occurred while analysing samples submitted to VirusTotal. After execution, Run encrypts files and appends the victim's ID, an email address, and its extension (".run") to them.
Our team has inspected the message and found that it is a phishing email presented as a security alert. It includes a link to a fake website and urges recipients to follow the provided instructions as soon as possible to prevent the possible "risks". This scam email should be ignored to avoid acco
Our team has inspected the email and concluded that it is a scam. The message is disguised as a notification from FedEx (a legitimate company providing delivery services) to trick recipients into opening the attached file. The purpose of this fraudulent email is to deliver malware. Thus, it should
Cortizol is ransomware that our team has discovered during an analysis of malware samples uploaded to VirusTotal. Our examination shows that Cortizol encrypts files and modifies their names by appending the victim's ID, an email address, and the ".Cortizol" extension. It also changes the desktop w
We have analysed kimchipump[.]com and kimchiofficial[.]live and found that these are two deceptive websites that promote the same scam, a fraudulent cryptocurrency airdrop. The site is designed to trick visitors into believing they can receive free crypto for participating. However, victims never
Payload is ransomware that we discovered while inspecting malware samples uploaded to VirusTotal. After execution, Payload encrypts files and appends the ".payload" extension to them. For example, it renames "1.jpg" to "1.jpg.payload" and "2.png" to "2.png.payload". The ransomware also provides a
Our inspection has revealed that it is a scam email designed to promote a pop-up scam, a site that uses scare tactics. It is disguised as a message about cloud storage issues to trick recipients into clicking the provided link. Emails like this one should be ignored and deleted to avoid potential
We have reviewed the page (punchcoinsol[.]com) and concluded that it is a fraudulent copy of punchonsol.lovable.app website. The scam site promotes a fake airdrop to deceive visitors into following the provided instructions. Its purpose is to activate a malicious tool designed to empty cryptocurre
Our team has examined the email and found it to be a classic advance-fee scam. The goal of the email is to trick the recipient into sharing personal information or sending money, or both. It is important to recognize such scams and never respond to them or follow their instructions to avoid financ
Moonrise is a remote access Trojan (RAT) written in Go programming language. It provides attackers with remote system access, allowing them to gather sensitive information (e.g., login credentials) and execute additional attacks while avoiding detection. The RAT should be eliminated from infected