While examining malware samples submitted to VirusTotal, our team discovered a ransomware variant belonging to the Phobos family dubbed Unknown. This ransomware encrypts files and modifies their filenames, and provides two ransom notes (creates "info.hta" and "info.txt" files). Unknown ransomware
Creal is a stealer-type malware written in the Python programming language. Malicious programs within this classification are created for the purpose of stealing sensitive information. Creal targets log-in credentials, data related to messaging software, cryptocurrency wallets, and other vulnerabl
While examining pages that use rogue advertising networks, we discovered yournicejournal[.]com. This website uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, yournicejournal[.]com redirects to other websites. Thus, this page should not be trusted/visited.
PY#RATION is a Python-based malware that shows characteristics of remote access trojan (RAT). It is capable of remotely controlling infected computers and maintaining persistence. PY#RATION has a variety of features, including data exfiltration and keylogging. PY#RATION has the ability to
Our researchers discovered the chaeffulace[.]com rogue page while checking out dubious websites. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/malicious) sites. Most users access webpages like chaeffulace[.]com via redirects caused by site
Our inspection of the "Payment Remittance Advice" email revealed that it is spam. This letter is disguised as a message regarding a resolved payment, the details of which are supposedly in the attachment. However, the malicious file is designed to infect recipients' devices with malware. T
We have analyzed this letter and found that it is a phishing email. It is written by fraudsters who attempt to extract personal information from unsuspecting recipients. This email is disguised as a letter from the accounting manager of the Colodyne Technology company. It has a fake invoice attach
We have inspected this letter and determined that it is a scam email sent by scammers who try to trick recipients into providing sensitive information. Emails of this kind are called phishing emails. This and similar emails should be ignored and deleted or marked as spam. This letter is di
We determined that the "Voice Note" spam email is used for phishing. It attempts to lure recipients into opening an attachment requesting a sign-in with their email accounts. The spam email's subject – "VoiceNote Transcription Message on January 19,2023" (may vary) implies that the recipie
While investigating questionable websites, our researchers discovered the gettruevinet[.]com rogue page. It is designed to promote browser notification spam and redirect users to other (likely unreliable/malicious) sites. Users primarily access webpages like gettruevinet[.]com through redirects c