JaskaGO is a sophisticated stealer written in Go (Golang) programming language targeting Windows and macOS systems. With extensive commands from its Command and Control server, the malware excels at extracting valuable information, exposing users to a heightened risk of data compromise, including
It has been determined that Lomx is a member of the Djvu ransomware family. Lomx's primary objective is to encrypt files. Additionally, Lomx modifies file names by appending the ".lomx" extension and generates a ransom note identified as "_readme.txt". Given its affiliation with the Djvu family,
After examining a harmful installer acquired from an untrustworthy source and integrating SylvilagusFloridanus into a web browser, we have discovered alarming functionalities associated with SylvilagusFloridanus. This includes enabling the "Managed by your organization" feature, accessing data on
PUA:Win32/Solvusoft is the detection name for unwanted applications detected by security solutions (mainly by Microsoft Windows Defender). These applications, categorized under this detection name, are typically flagged due to their undesirable nature or behavior. These applications might not be i
Our analysis reveals that this email is a fraudulent attempt crafted by scammers seeking to obtain sensitive information from recipients. Such deceptive emails are commonly referred to as phishing emails. In this instance, the phishing email is camouflaged as a notification from an email service p
It has been identified that Loqw is ransomware belonging to the Djvu family. Loqw is designed to encrypt files and change their filenames (append the ".loqw" extension). Also, this ransomware creates a ransom note ("_readme.txt"). Since loqw belongs to the Djvu family, it may be distributed with i
Our research team discovered the notifonline[.]com rogue page while reviewing questionable websites. It is designed to promote browser notification spam and redirect users to other (likely unreliable/hazardous) sites. Visitors to notifonline[.]com and similar webpages access them via redirects ge
Upon inspection, we learned that "Final Price" is a spam email promoting a phishing scam. The recipient is lured into disclosing their email account log-in credentials by false claims regarding final prices for listed items. The scam email with the subject "New Order" (may vary) informs th
"PUA:Win32/Presenoker" is a detection name used by multiple security engines/tools, including the Microsoft Defender Antivirus, as an identifier for Potentially Unwanted Applications (PUAs). Software within this category typically appears genuine and useful yet seldom operates as promised by its
The Prysmax (also known as Valkyrie) malware is a harmful program crafted to extract data and exert complete control over devices, contingent on the chosen plan. The originator of Prysmax provides three purchasing alternatives: a stealer for €49.99, a Remote Administration Trojan (RAT) for €69.99,