Muggle is the name of an information stealer developed using the Go programming language. This malware is capable of stealing passwords, capturing screenshots, and gathering certain system information. Muggle should be removed from infected operating systems as soon as possible. By surrept
TOITOIN is a trojan-type malware with information-stealing capabilities. This piece of malicious software has been observed as the final payload in sophisticated multi-stage infections. The attacks were highly targeted and leveraged against businesses based in the Latin American region. Th
Upon examining this email, we have determined it to be a phishing attempt. The content of the email has been crafted by fraudsters who impersonate an email service provider to trick unsuspecting recipients into divulging personal information on a fraudulent website. It is highly recommended that r
Upon examination of this email, we have determined that it is a fraudulent message falsely purporting to be related to the requested documents. The intention behind this email is to deceive recipients into unknowingly executing malware via the attached PDF document. The specific malware being dist
During our analysis of the ViewInput application, we observed its intrusive advertising behavior, leading us to classify it as adware. Adware is commonly distributed through questionable means, which can result in unintentional installation by unsuspecting users. Apps of this kind should not be
While examining malware samples submitted to the VirusTotal website, our analysis revealed the presence of a ransomware variant called Gayn. This ransomware employs file encryption to block access to files and modifies filenames by adding the ".gayn" extension. Additionally, it generates a ransom
Gazp is ransomware belonging to the Djvu family that employs encryption to lock data and appends the ".gazp" extension to file names. Additionally, Gazp generates a "_readme.txt" file that contains instructions for contacting the attackers and making ransom payments. It is common for Djvu ransomw
ResultsDisplay is a rogue application we discovered while investigating new submissions to the VirusTotal website. Our analysis of this app revealed that it is adware. ResultsDisplay is part of the AdLoad malware family. Adware stands for advertising-supported software. It is designed to
Our research team found the ActiveProtocol app while inspecting new submissions to VirusTotal. After examining this application, we determined that ActiveProtocol is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It operates by delivering
After inspecting the "OneDrive Purchase Order" email, we determined that it is spam operating as a phishing scam. This bogus letter claims that the recipient was sent documents for a purchase order via OneDrive. It must be emphasized that this spam mail is in no way associated with the actual One