Our inspection of the "Suspension Notice" email revealed that it is spam operating as a phishing scam. This fake letter is presented as a notification from the recipient's email service provider stating that their account has been marked for suspension. Through a bogus verification process, this s
Our team downloaded and tested the Storage Controller browser extension and found that it shows unwanted advertisements. Additionally, it can read and change data on all websites. Since Storage Controller shows ads, we classified it as adware. We discovered this app on a deceptive website.
IcSpy is a malicious program designed to infect Android devices. It is an information-stealing malware that primarily targets banking and finance-related data. The researched variant was disguised as the app of the State Bank of India (SBI); however, other disguises are possible. This version was
We have analyzed this email and found that it was sent by fraudsters who seek to extract money and (or) sensitive information. Scammers aim to convince recipients who have been scammed in the past that they can receive compensation of three million British pounds. It is a scam email that should be
IcRAT is a Remote Access Trojan (RAT) that targets Android Operating Systems (OSes). RATs are designed to allow attackers to assume control over infected devices. IcRAT has been notably proliferated through smishing (SMS phishing) campaigns, which go after clients of well-known Indian banks. The
Elibomi is multi-functional malware targeting Android Operating Systems (OSes). This malicious program can perform various actions on infected devices, and it can extract a broad range of sensitive data. This malware has been around since at least 2020, and it has multiple iterations. Recently, E
FakeReward is the name of a malicious program targeting Android devices. It is designed to obtain personally identifiable and banking-related information. There are multiple variants of FakeReward; at least five versions have been spotted at the time of writing. FakeReward has been actively proli
SearchBlox is a malicious Google Chrome browser extension. There are two variants of this extension, and both promise to allow users to search the Roblox video game platform servers for a specific player. Instead, this piece of malicious software targets data associated with Roblox and Rolimons -
Mafer is one of the VoidCrypt ransomware variants designed to encrypt files, append the victim's ID, filees@gmail.com email address, and the ".Mafer" extension to filenames, and drop a text file ("Read_Me!_.txt") containing a ransom note. Our team discovered Mafer while examining malware samples s
D0nut is a ransomware that encrypts files and appends the ".d0nut" extension to filenames (e.g., it renames "1.jpg" to "1.jpg.d0nut", "2.png" to "2.png.d0nut", and so forth). Also, D0nut drops two HTML files ("d0nut.html") and displays a pop-up window. They contain ransom notes. Screenshot of