Mamai is the name of a ransomware-type program. It is part of the MedusaLocker ransomware family. Once we executed a sample of Mamai on our test machine, it began encrypting files and appended their filenames with a ".mamai10" extension. Original filename like "1.jpg" appeared as "1.jpg.mamai10",
While investigating new malware submissions to VirusTotal, our researchers discovered the Zxc ransomware-type program. This malicious program belongs to the VoidCrypt ransomware family. After we executed a sample of Zxc on our test machine, it encrypted files and modified their filenames. Origina
"Webmail Security Changes" was revealed to be a spam email by our inspection. This letter is presented as a notification from the recipient's mail service provider regarding unauthorized changes to the email account. This phishing letter targets recipients' log-in credentials in order to steal the
While investigating suspicious websites, our researchers discovered the Infinity Search browser extension. After installing this piece of software on our test machine, we learned that it operates as a browser hijacker. Infinity Search modifies browsers to promote the search.infinity-searches.com f
The purpose of SYS01 is to steal sensitive information, such as login credentials, cookies, and data related to Facebook ad and business accounts. Cybercriminals behind SYS01 have been observed targeting employees in government infrastructure, manufacturing companies, and various other industries.
While inspecting deceptive websites, our research team discovered the "Ads.financetrack(1).exe" technical support scam. It is pertinent to mention that many different types of tech scams use this fake error/malware name. Schemes of this kind make false claims regarding system infections in order
Upon inspection, our team has determined that the Pdf download tool browser extension exhibits intrusive ad behavior and has the capability to access browsing-related data. This type of software is classified as adware. It is often deliberately downloaded by users. Our investigation found that the
After inspecting this "SaphetyDoc" email, we determined that it is spam. This fake letter is presented as a notification regarding a sent electronic document. Once the recipient attempts to access the file, they are redirected to a phishing website that mimics their email account sign-in page. He
After analyzing this email, we have concluded that it is a phishing attempt disguised as a message regarding scam activities. The individuals (scammers) behind this scam are attempting to obtain personal information from the recipients. For this reason, we highly advise disregarding this letter.
CCC USA is ransomware that prevents victims from accessing their files by encrypting them. Also, CCC USA appends the ".cccusawasted" extension to filenames and provides a ransom note (creates "[filename]_info" files containing the same ransom note for each encrypted file). An example of how CCC U