Upon examining the AssistivePlatform application, our analysis revealed that it exhibits intrusive advertisements. Such applications are known as adware or advertising-supported applications. Users commonly install adware without their knowledge or awareness. AssistivePlatform falls unde
Meduza is a type of malware created using the C++ programming language, specifically designed to steal information. It targets various applications and clients, including web browsers and cryptocurrency wallets, with the objective of collecting sensitive data. This malicious software is available
We found the BalanceSignal app while inspecting new submissions to the VirusTotal website. After investigating this application, we determined that it is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to display advertisements on visite
Rhysida is the name of a ransomware-type program. It is designed to encrypt data and demand payment for its decryption. On our testing machine, Rhysida encrypted files and appended their filenames with a ".rhysida" extension. To elaborate, a file originally named "1.jpg" appeared as "1.jpg.rhysid
After inspecting this "Moldindconbank" email, we determined that it is fake. This letter targets clients of the Moldindconbank Moldovan bank. The spam email states that the recipient's card has been suspended due to suspicious activity. To rectify this issue, the recipient is to conclude a verific
While inspecting new submissions to VirusTotal, our researchers found the Havoc ransomware. Malware of this kind is designed to encrypt data and demand payment for its decryption. On our test machine, Havoc encrypted files and altered their filenames. Original titles were appended with the attack
Upon careful analysis of this email, our team has concluded that it is an instance of phishing. The email is designed to deceive recipients by posing as a communication from an email service provider, specifically impersonating Webmail. The primary goal of scammers is to trick unsuspecting individ
Tunnelbuilder[.]top is a deceptive website designed to trick visitors into subscribing to its notifications. Also, tunnelbuilder[.]top redirects users to similar pages. Users rarely intentionally open such pages. Our team encountered tunnelbuilder[.]top while investigating websites that use dishon
Atlas is the name of a clipper-type malware. Malicious programs categorized as such are designed to replace content copied into the clipboard. Atlas detects whenever a victim copies a cryptocurrency wallet address and replaces it – thus rerouting outgoing transactions. Atlas is capable of
Our researchers discovered the gadscare.com rogue page while investigating suspect sites. This webpage is designed to promote browser notification spam and redirect visitors elsewhere (likely unreliable/harmful sites). Users primarily enter such pages via redirects generated by websites using rogu