GoldDigger is an Android Trojan with a focus on financial institutions, having been operational since at least June 2023. This Trojan camouflages itself as a counterfeit Android app, capable of mimicking both a Vietnamese government portal and a local energy firm, all with the primary objective of
After reviewing the "A Payment Has Been Posted On Your Card" email, we determined that it is fake. Presented as a notification from American Express, it claims that the recipient has been given a reward payment. The letter instructs to download and access the attachment, thus validating the payme
Carnivora is a malicious browser extension that has been discovered during analysis of a malicious installer hosted on a suspicious website. Carnivora is capable of performing actions such as adding the "Managed by your organization" feature to browsers, managing themes and extensions, and reading
SaveLock is a ransomware-type program discovered during a routine investigation of new submissions to the VirusTotal site. This malicious program is part of the MedusaLocker ransomware family. SaveLock operates by encrypting data to demand ransoms for its decryption. On our testing system, this r
It has been discovered that SignalUpdater falls into a category known as adware, which is software designed to bombard users with intrusive advertisements. Adware developers often distribute it by using deceptive methods. The modus operandi of apps like SignalUpdater raises several concerns, inc
During analysis of malware samples submitted to the VirusTotal website, a ransomware variant belonging to the MedusaLocker family dubbed Infected has been discovered. Infected restricts access to files by encrypting them and renames them by appending the ".infected" extension. Also, this ransomwar
Following an assessment of the ShoutSystem app, it became apparent that its primary aim is to inundate users with intrusive advertisements. To put it differently, ShoutSystem operates as adware. It is common for applications like ShoutSystem to be disseminated using deceptive methods. They often
After a thorough examination of searchparrot.world, it has been ascertained that it functions as a fraudulent search engine. During this analysis, it was observed that searchparrot.world redirected to different websites and did not yield genuine search results. It is important to highlight that fr
ReserveBroadband is a rogue application that we discovered while reviewing new file submissions to the VirusTotal platform. Our inspection of this app revealed that it is advertising-supported software (adware) belonging to the AdLoad malware family. ReserveBroadband operates by delivering intr
While checking out new submissions to the VirusTotal website, our research team discovered the ProjectorDigital application. After examining it, we determined that it is advertising-supported software (adware). ProjectorDigital is part of the AdLoad malware family. Adware operates by dis