XLoader is a new variant of a malware of the same name. This XLoader version was first submitted to the VirusTotal website in July 2023. Previous versions had dependencies on Java, but this latest iteration does not. The newest malware version is written in the C programming language as well as
Our research team discovered the BrowseFrequency application while investigating new submissions to the VirusTotal site. We determined that this piece of software is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It generates revenue for
During our investigation of websites associated with questionable advertising networks, we came across ind-securedsmcd[.]live, yet another untrustworthy site. This website seems to have adult content and requests permission to display notifications. Additionally, ind-securedsmcd[.]live redirects u
CraxsRAT is a Remote Access Trojan (RAT) capable of infecting Android operating systems V5 through V12. RATs enable remote access and control over compromised devices. CraxsRAT is incredibly sophisticated, highly versatile, and customizable. At the time of writing, this trojan is being actively u
After thoroughly examining this email, our team has concluded that its purpose is to trick recipients into sending money to scammers or revealing their personal information. This email has been cleverly crafted to appear as a communication related to a giveaway. It is important to exercise caution
Invader is ransomware that encrypts files, appends the ".invader" extension to filenames, and changes the desktop wallpaper. An example of how Invader renames files: it changes "1.jpg" to "1.jpg.invader", "2.png" to "2.png.invader", etc. Cybercriminals behind this ransomware aim to extort money fr
After inspecting the "Carlos Slim Helu Charitable Foundation" email, we determined that it is spam. Presented as a missive from the billionaire business magnate Carlos Slim Helú, this fake letter states that the recipient was randomly selected to receive over four million US dollars. Spam mail th
Upon downloading a suspicious installer from an untrustworthy website, our team identified superstar3.io, a deceptive search engine that presents search results sourced from various other search engines. It is important to note that the installer used to promote superstar3.io may include additiona
During our analysis of Currency Conversion Extension, our team identified traits commonly associated with a browser hijacker. Typically, such applications take over web browsers by modifying their settings. It is common for browser hijackers to promote fake search engines. The Currency Con
Upon reviewing this email, our team has determined that its intent is to deceive recipients into disclosing their personal information. These types of emails are commonly known as phishing emails, and the scammers behind this particular phishing campaign are trying to lure recipients into submitti