Net is ransomware that we uncovered while examining malware samples submitted to VirusTotal. After execution, Net makes files inaccessible by encrypting them. Also, the ransomware appends the ".net6" extension to files (the number in it may vary) and provides a ransom note ("Recovery_Instructions.
notnullOSX is an information stealer written in the Go programming language. It targets macOS users and is used to steal cryptocurrency from victims. Threat actors distribute notnullOSX using a ClickFix technique and infected DMG files. If this malware gets detected on a device, it should be rem
Our team has discovered that cybercriminals compromised the official Harvard website (hir.harvard.edu) and injected ClickFix. By exploiting access to a trusted, reputable domain, the attackers were able to host malicious content that appears legitimate, increasing the likelihood that visitors woul
We have examined the message and determined that it is designed to deceive recipients into believing that they have to review their accounts as soon as possible. This scam email includes a link to a phishing website. Typically, scams like this are used to harvest personal information. This and sim
We have inspected the email and found that it is designed to look like a delivery update from a legitimate company. However, this message is fraudulent, as it contains fake details and includes a link to a deceptive page. The scammers behind this email likely seek to steal money and personal infor
STX is a remote access Trojan (RAT) that cybercriminals were observed spreading through fake or trojanized software installers. The RAT steals passwords, browser data, crypto-wallet details, and other sensitive information after connecting to its command-and-control server. It also uses anti-detec
Hnx911 is ransomware from the Xorist family. Our team discovered it during an inspection of malware samples uploaded to VirusTotal. Once executed, Hnx911 encrypts the victim's files and appends the ".hnx911" extension. It also creates a ransom note "HOW TO DECRYPT FILES.txt" and displays another o
Our team has reviewed the email and found that it is disguised as a notification regarding the recipient's cloud storage plan. It urges the recipient to solve the "issue" through the provided link as soon as possible. The included link leads to deceptive websites. This scam email should be ignored
We have inspected the email and found that it is written by scammers who pretend to be "The Network Solutions Team". This message, disguised as a system security review notice, includes a deceptive link. The goal of the scammers behind it is to steal personal information from unsuspecting recipien
Our team discovered Cooked while analyzing samples submitted to VirusTotal. Our examination has shown that this is ransomware designed to encrypt files, provide a ransom note ("Readme.txt"), and add its extension (".cooked") to files. For example, it renames "1.jpg" to "1.jpg.cooked", "2.png" to "