After a thorough examination, it has been determined that ChrysochlorisAsiatica is an untrustworthy browser extension distributed through a malicious installer. Upon adding this extension to a browser, it activates the "Managed by your organization" feature, particularly in Chrome or Edge. Additio
Upon thorough examination, it has been determined that this email exemplifies a classic investment scam, often recognized as an advance-fee scam. The intention is to deceive recipients into sending money to fraudsters. Additionally, it is typical for scammers associated with these emails to solici
After a recent analysis of malware samples uploaded to VirusTotal, it has been determined that Cdtt belongs to the Djvu ransomware family. Its primary objective is to encrypt data, and it generates a ransom note ("_readme.txt") while appending the ".cdtt" extension to filenames (e.g., it renames "
During our comprehensive analysis of malware samples submitted to the VirusTotal page, it has been identified that Cdpo is a ransomware variant associated with the Djvu family. Cdpo encrypts files and adds its extension (".cdpo") to the filenames. For example, it renames "1.jpg" to "1.jpg.cdpo", "
Our research team discovered a deceptive website pushing a suspicious installation setup during a routine investigation of untrustworthy sites. Therein, we found the CallorhinusUrsinus malicious extension. This piece of software targets Google Chrome and Microsoft Edge browsers. The extension has
Upon reviewing the "SLEEPLESS AI Airdrop", we determined that it is a fake airdrop. This giveaway promises to distribute Sleepless AI (AI) cryptocurrency for free. Instead, this scheme operates as a cryptocurrency drainer – meaning that the scammers steal the funds stored in connected wallets. It
In the process of an evaluation, it has surfaced that Simulatively.app is one of the unreliable apps from the Pirrit family that is designed to show intrusive advertisements. Apps that function like Simulatively.app are categorized as adware. Commonly, adware is promoted using deceptive methods
While investigating websites that utilize rogue advertising networks, our research team found the Daily Guard browser extension. It is promoted as an adblocker capable of blocking online advertisements (including on YouTube) and trackers, as well as preventing access to malicious sites. However,
Upon examination, it has been determined that this is a deceptive scheme masquerading as a giveaway associated with the legitimate platform Plug, which serves as an Internet Computer (IC) browser crypto wallet and authentication provider. The purpose of this scam is to steal cryptocurrency from in
AdminHelper is a rogue application, which we determined to be adware. Our examination revealed that this piece of software operates by running intrusive ad campaigns. It is noteworthy that AdminHelper is part of the AdLoad malware family. Adware stands for advertising-supported software.