RAXNET is a malicious program that operates as a clipper. Malware within this classification can replace clipboard data. RAXNET specifically targets copied cryptocurrency wallet addresses and replaces them with those belonging to the attackers. The purpose of this malware is to steal cryptocurrenc
Patriot is the name of a malicious program that operates as a stealer. Despite being described as an "educational" tool in its promotional material, this program is sold on the Web and has functionalities designed for malicious use. Patriot is capable of stealing a wide variety of information, in
After analyzing the "Incoming Messages ERROR Notification" email, we determined that it is spam operating as a phishing scam. This mail claims that an error had occurred on the recipient's email account and prevented messages from researching the inbox. To release the nonexistent letters - the rec
We examined this email and learned that it is generated by crooks who seek to trick recipients into believing that they have won a lottery. This letter is a hoax (a lottery scam). People who fall for such scams never receive any money or other prizes. Thus, this email should be ignored/deleted.
Team Punisher is a ransomware-type program designed to encrypt data and demand ransoms for decryption. On our test machine, this malware encrypted files and appended their filenames with a ".punisher" extension. To elaborate, a file initially named "1.jpg" appeared as "1.jpg.punisher", "2.png" as
While inspecting new submissions to VirusTotal, our researchers found a new ransomware that belongs to the Xorist ransomware family, which is named Ety. Ransomware is designed to encrypt data and demand payment for decryption. Once executed on our test system, Ety began encrypting files and chang
While analyzing theupgradedata[.]com, we learned that it is a deceptive website designed to lure visitors into agreeing to receive notifications. Also, theupgradedata[.]com redirects to other untrustworthy pages. Our team discovered theupgradedata[.]com while examining pages that use rogue adverti
After examining this email, our team concluded that it is a phishing email sent by scammers who seek to extract sensitive information from recipients. This scam email is disguised as a letter from an email service provider. It contains a link to a phishing website. Thus, it should be marked as spa
Our analysis of the "New Update On Your Account" email revealed that it is spam. This letter states that the recipient's email needs to be updated and redirects them to a phishing website targeting the account's log-in credentials. In addition to losing their email accounts, successfully scammed v
CRASH is ransomware (one of the Dharma ransomware family's variants). It encrypts files, modifies filenames (by appending the victim's ID, netcrash@msgsafe.io email address, and the ".CRASH" extension to filenames), and provides two ransom notes (displays a pop-up window and drops the "info.txt" f