NetworkImagine is a rogue app that we discovered while investigating new submissions to VirusTotal. Our examination of this application revealed that it operates as adware and that it is part of the AdLoad malware family. Adware stands for advertising-supported software. It operates by d
Easylifescan[.]com is the address of a rogue webpage designed to promote online scams and spam browser notifications. At the time of research, it ran the "You've visited illegal infected website" scam. Additionally, this page can redirect users to different (likely unreliable/dangerous) sites. Mo
We have examined arrowtoldilim[.]com and found that the purpose of this page is to deceive visitors into allowing it to send notifications. Arrowtoldilim[.]com aims to achieve that by displaying a deceptive message and other elements. Additionally, arrowtoldilim[.]com redirects users to similar we
After examining the "Apple Mobile Promo Draw" spam email, we determined that it operates as a phishing scam. This campaign targets personally identifiable information, which is coaxed out of recipients through false claims concerning a prize of 750 thousand USD that they have supposedly won.
After inspecting the "American Express Security Team" email, we determined that it is fake. This spam letter is presented as a notification regarding a declined cardless purchase. The goal is to trick the recipient into providing their account credentials into a phishing file. It must be emphasize
After careful analysis, we have determined that the email in question is a scam. The purpose of this fraudulent message is to deceive recipients into providing personal information or making financial transactions to scammers. It is strongly recommended that recipients ignore and delete this email
TUGA is ransomware that encrypts files, appends its extension (".TUGA") to filenames, and leaves a ransom note ("README.txt"). Our team discovered TUGA while examining malware samples submitted to the VirusTotal website. An example of how TUGA renames files: it changes "1.jpg" to "2.jpg.TUGA", "2.
Umbral is the name of stealer-type malware. Malicious programs within this classification are designed to steal valuable information from infected devices. Umbral is able to extract and exfiltrate data from systems and various installed applications. It is noteworthy that this program has been obs
JokerSpy is the name of a backdoor malware targeting macOS operating systems. It is a sophisticated toolkit designed to breach macOS machines. JokerSpy utilizes a combination of Python and Swift programs that possess the capabilities to gather data and execute arbitrary commands on compromised c
Our research team discovered the ChannelLegion application while reviewing new submissions to the VirusTotal website. After examining this app, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. Its purpose is to gene