We discovered two email variants belonging to the "Mailbox Full" spam campaign. These letters make false claims regarding the recipients' email accounts. This spam mail aims to trick them into visiting phishing websites that imitate legitimate email account sign-in pages. One of the spam e
Our examination of the Quick Pic Download browser extension revealed that it shows intrusive ads, leading us to classify it as adware. Adware is commonly promoted and distributed using misleading or questionable practices. We discovered the Quick Pic Download app on a shady website. Quick
LockBit Green is ransomware that encrypts the victim's data, appends a random extension to filenames of all encrypted files, and drops the "!!!-Restore-My-Files-!!!.txt" file containing a ransom note. It is known that LockBit Green is based on Conti ransomware. An example of how LockBit Green ren
While investigating suspicious websites, our researchers discovered the Nautica browser extension. This piece of rogue software operates as a browser hijacker – modifies browser settings, causes redirects, and spies on users' browsing activity. Browser hijackers typically promote fake sear
Addssupport[.]com has been deemed untrustworthy site due to its use of a clickbait technique to trick visitors into subscribing to its notifications. Our team discovered addssupport[.]com while investigating websites that employ rogue advertising networks. It is important to note that most users c
Our inspection of the "UPS Custom Permit" email revealed that it is spam. This letter is presented as a notification from UPS regarding the recipient's order. It must be emphasized that this email is fake, and it is not associated with the actual UPS company. This spam mail likely operates as a ph
While examining malware samples submitted to the VirusTotal website, we discovered a ransomware variant dubbed Auto. This ransomware is identical to Septwolves, Wanqu, Axxes, and many other ransomware variants. Auto encrypts files and two ransom notes ("RESTORE_FILES_INFO.hta" and "RESTORE_FILES_I
After reviewing the email, we have determined that it is a phishing attempt by scammers seeking to obtain sensitive information. The email appears to be about an invoice, but it is actually an elaborate hoax, complete with a bogus HTML file attachment. Recipients should not engage with this email
Ice Breaker is a backdoor-type malware written in Node.js. Campaigns involving this malicious program were first identified in 2022 by Security Joes. These attacks targeted the gaming and gambling industries and were particularly recognizable due to the social engineering techniques employed by th
We have examined this email and determined that it is a typical inheritance scam. Usually, scammers send such emails to trick recipients into parting with their money and (or) sharing their credit card details or other sensitive information. Emails of this type should be ignored. Scammers