The "Dormant Account" email is spam. It is presented as a letter from a bank auditing director regarding a dormant account of a late customer. The email suggests splitting the millions within it between the sender and recipient. It must be emphasized that all the claims made by the "Dormant Accou
Daily Inspiration is the name of a browser extension promising various widgets and features, such as displaying inspirational/motivational quotes, a clock, the weather forecast, sticky notes, and a to-do list on the browser's homepage. Our researchers discovered this piece of software while invest
Rdapdylvb is a malicious program belonging to the Snatch ransomware family. Our researchers discovered this ransomware-type program while inspecting new submissions to VirusTotal. After we executed a sample of Rdapdylvb on our test machine, it encrypted files and altered their filenames. Original
We have inspected validitysaver[.]com and found that it is a deceptive website that uses a scare tactic to promote antivirus software. Validitysaver[.]com runs the "McAfee - Your PC is infected with 5 viruses!" scam. Also, this website asks for permission to show notifications. Validitysav
While analyzing Mzop, we found that it is ransomware that encrypts files. Also, it appends the ".mzop" extension to filenames and creates a ransom note (the "_readme.txt" file). Our team discovered Mzop while inspecting malware samples submitted to the VirusTotal website. An example of how Mzop r
We have examined this email and determined that it is a scam. Scammers behind this email aim to trick recipients into believing they will receive a certain amount of money for helping to take care of a daughter of a woman diagnosed with cancer. Scammers who have written this email only intend to s
Gigabud is the name of an Android Remote Access Trojan (RAT) Android that can record the victim's screen and steal banking credentials by abusing the Accessibility Service. Gigabud masquerades as banking, shopping, and other applications. Threat actors have been observed using deceptive websites t
Marnet is ransomware that encrypts and renames files. Also, it drops the "how_to_back_files.html" file containing a ransom note. We discovered Marnet while examining malware samples submitted to the VirusTotal web page. We also found that Marnet belongs to a ransomware family called MedusaLocker.
After inspecting the "Send Us Your Company Updated Bank Info" email, we determined that it is spam. This fake letter requests the recipient to provide their company's banking data in order to clear the attached invoice. The attachment is a phishing file targeting email account log-in credentials.
We have examined protectusonline[.]xyz and learned that it runs the "McAfee - Your PC is infected with 5 viruses!" scam. Protectusonline[.]xyz displays deceptive content (fake virus messages) to trick visitors into believing that their computers are infected and purchasing antivirus software. This