"Mailbox Quota Exceeded" is a phishing spam campaign. We inspected two email variants belonging to this campaign. Both versions inform recipients that their email account storage quota has been exceeded and needs to be increased. When attempts are made to update the account, users get redirected
We have examined mypcdefenderplus[.]site and found that this is a deceptive page running the "McAfee - Your PC is infected with 5 viruses!" scam. We also noticed that mypcdefenderplus[.]site wants to send notifications. Our team discovered this site while inspecting pages that use rogue advertisin
Our research team found the lilustriousdates[.]net rogue page while investigating untrustworthy websites. It is designed to promote dubious content and spam browser notifications. Furthermore, this webpage can redirect visitors elsewhere (likely unreliable/malicious sites). Most users access page
KEEPCALM is ransomware that we have discovered during an analysis of malware samples submitted to the VirusTotal site. The purpose of KEEPCALM is to encrypt files. Also, it creates the "ReadMe.txt" file (a ransom note) and modifies filenames (appends the victim's ID, josealen@tutanota.com email ad
We have determined that this email is fraudulent and has been written by cybercriminals with the intent of tricking the recipients into infecting their computers. This email is disguised as a letter from IPG Legal, claiming that it has a long overdue invoice attached to it. The purpose of the emai
Captchaforcaptcha[.]top is a rogue webpage that we discovered while checking out suspicious websites. At the time of research, this page had two appearance variants – both designed to promote spam browser notifications. Furthermore, captchaforcaptcha[.]top can redirect visitors to other (likely un
During our investigation of various deceptive web pages (e.g., those offering updates for supposedly outdated software), our team discovered a questionable application called ResultProtocol. Upon installation, ResultProtocol began displaying unwanted advertisements, leading us to classify this a
Our researchers found the Alice ransomware while investigating new malware submissions to VirusTotal. Malicious programs within this classification operate by encrypting data and demanding payment for decryption. After we executed a sample of Alice on our test machine, it encrypted files and appe
Files Downloader Expert is an application that our team discovered on a suspicious website, though the app also has an official site. Upon testing the application, we discovered that it is a browser extension that displays intrusive advertisements. Due to this behavior, we have classified Files Do
M2RAT is a backdoor malware that operates as a remote access trojan (RAT), performing functions such as keylogging, data theft, command execution, and taking screenshots. The malware uses shared memory sections for commands and data exfiltration, leaving few traces on the infected device.