Upon reviewing this letter, we determined that it is a phishing email presented as an investment offer. As a rule, scammers behind such emails try to trick recipients into providing personal information and (or) sending money. Thus, recipients should ignore emails like this one. The letter
After downloading and installing ExtendedAsset, our team found out that its primary purpose is to display annoying ads, which prompted us to categorize it as adware. It should be emphasized that users frequently download and install adware without comprehending the possible consequences.
CryptoClippy is malware that operates as a cryptocurrency clipper. The primary function of this malicious software is to monitor the victim's clipboard and to recognize instances where the victim copies a cryptocurrency wallet address. Once identified, the malware replaces the copied wallet addres
While examining malware samples submitted to VirusTotal, our team encountered a fake ransomware (known as "scareware") named RED BANNER. The primary objective of RED BANNER is to deceive unsuspecting users into thinking that their files have been encrypted and that payment is required to regain ac
While examining several deceitful websites that falsely claimed to provide software updates, our team came across a shady app named as MicroInput. Once installed, this app started exhibiting unwanted ads, prompting us to classify it as adware. In addition to displaying ads, MicroInput may gather
During our inspection of World Clock, we found that the purpose of this app is to hijack a web browser by changing its settings. World Clock is a browser hijacker that promotes a fake search engine (search.world-clock-tab.com). It is worth noting that a big part of apps of this type is promoted an
After conducting tests on the SkilledRotator application, our team has determined that it functions as adware. While it is installed, SkilledRotator generates unwanted advertisements and may be able to access sensitive information. Adware is frequently promoted and distributed using shady method
During our analysis of Speak Text, we learned that it functions as a browser hijacker that promotes search.speak-text-tab.com, a fake search engine. Speak Text hijacks a web browser by modifying its settings. In addition, Speak Text can read various data. Thus, it is recommended to avoid adding th
Kiwm is a type of malware that is part of the Djvu ransomware family. We came across Kiwm during our analysis of malware samples submitted to VirusTotal. It works by encrypting files, adding the ".kiwm" extension to their names, and leaving a ransom note (the "_readme.txt" text file). An example
Kifr belongs to the Djvu family of ransomware and follows the pattern of encrypting files and appending the ".kifr" extension to their names. The ransomware also creates a "_readme.txt" file with instructions on how to pay the ransom. Our researchers discovered Kifr while analyzing malware samples