After performing a review, it has been concluded that the intent of this email is to trick recipients into opening a malicious attachment. Cybercriminals behind this email use the attached file to distribute a remote administration trojan (RAT) named Agent Tesla. Typically, RATs can be used for mu
While analyzing a suspicious installer obtained from an untrustworthy website, we came across the AltocumulusFloccus browser extension. Our investigation revealed that this extension is malign in nature, capable of enabling the "Managed by your organization" feature in the Chrome browser, collecti
Following the assessment of GoldenLooker, it has been concluded that its main purpose is to inundate users with intrusive advertisements, classifying it as adware. It is important to note that apps like GoldenLooker are often promoted and distributed through deceptive tactics, leading users to i
After examining the PhotosFox application, it has been concluded that its primary intent is to operate as a browser hijacker designed to endorse searchinmda.com, which is a fake search engine. This extension modifies browser settings in order to establish control over it. Users should not trust ap
Our research team found the "key pro" browser extension while investigating untrustworthy websites. After analyzing this piece of software, we learned that it is a browser hijacker. This extension changes browser settings to endorse (via redirects) the keysearchs.com fake search engine. Additional
B-Panther is a ransomware-type program that we discovered while inspecting new submissions to the VirusTotal platform. It is part of the Xorist ransomware family. This ransomware encrypts files and demands ransoms for the decryption. On our test system, B-Panther encrypted files and appended thei
After reviewing "Email Routine Check", we determined that it is a phishing email. It claims that the recipient's mail account is using outdated security settings – hence, they need to update it to avoid service interruptions. The aim of this spam mail is to trick recipients into entering their em
Our researchers discovered the SpotifyxBiden ransomware while inspecting new malware submissions to the VirusTotal site. This malicious program is based on the Chaos ransomware. SpotifyxBiden is designed to encrypt data and demand ransoms for its decryption. On our test machine, the ransomware ad
Our inspection of the "Deceased Relative" email revealed that it is spam. This phishing mail is presented as a letter from an attorney who had represented the recipient's deceased relative. As the next of kin, the recipient is supposedly entitled to a large sum. Spam emails of this kind target pe
During our examination of a malicious installer downloaded from a shady website, we encountered the MelursusUrsinus browser extension. Our team learned that it is a malicious extension that can activate the "Managed by your organization" feature within the Chrome browser, gather various data, and