IcSpy is a malicious program designed to infect Android devices. It is an information-stealing malware that primarily targets banking and finance-related data. The researched variant was disguised as the app of the State Bank of India (SBI); however, other disguises are possible. This version was
We have analyzed this email and found that it was sent by fraudsters who seek to extract money and (or) sensitive information. Scammers aim to convince recipients who have been scammed in the past that they can receive compensation of three million British pounds. It is a scam email that should be
IcRAT is a Remote Access Trojan (RAT) that targets Android Operating Systems (OSes). RATs are designed to allow attackers to assume control over infected devices. IcRAT has been notably proliferated through smishing (SMS phishing) campaigns, which go after clients of well-known Indian banks. The
Elibomi is multi-functional malware targeting Android Operating Systems (OSes). This malicious program can perform various actions on infected devices, and it can extract a broad range of sensitive data. This malware has been around since at least 2020, and it has multiple iterations. Recently, E
FakeReward is the name of a malicious program targeting Android devices. It is designed to obtain personally identifiable and banking-related information. There are multiple variants of FakeReward; at least five versions have been spotted at the time of writing. FakeReward has been actively proli
SearchBlox is a malicious Google Chrome browser extension. There are two variants of this extension, and both promise to allow users to search the Roblox video game platform servers for a specific player. Instead, this piece of malicious software targets data associated with Roblox and Rolimons -
Mafer is one of the VoidCrypt ransomware variants designed to encrypt files, append the victim's ID, filees@gmail.com email address, and the ".Mafer" extension to filenames, and drop a text file ("Read_Me!_.txt") containing a ransom note. Our team discovered Mafer while examining malware samples s
D0nut is a ransomware that encrypts files and appends the ".d0nut" extension to filenames (e.g., it renames "1.jpg" to "1.jpg.d0nut", "2.png" to "2.png.d0nut", and so forth). Also, D0nut drops two HTML files ("d0nut.html") and displays a pop-up window. They contain ransom notes. Screenshot of
"Payment For McAfee Subscription" is the name of an email spam campaign. The letters can be plain or quite elaborate, but they all refer to purchases or renewals of the McAfee anti-virus. It must be emphasized that these emails are fake, and they are not associated with the actual McAfee Corp. Th
While examining shady ads and websites, we discovered a scam website offering to get a Walmart gift card. Usually, scam websites like this one are used to extract personal information and (or) money. It is strongly recommended not to trust such pages. This scam website shows a pop-up messa