Our team has determined that it is a scam campaign involving at least three similar emails designed to trick recipients into following the provided steps. The goal is to deceive recipients into entering personal details on a fake site opened through the included "document". Falling for this scam c
BAVACAI is ransomware that we discovered while examining malware samples submitted to VirusTotal. It belongs to the MedusaLocker ransomware family. BAVACAI encrypts files stored on the victim's computer and exfiltrates data from the network, then demands a ransom in exchange for decryption and to
We have reviewed the email and concluded that it is a phishing scam. It is disguised as a notification regarding a mail server error. The scammers behind it seek to trick unsuspecting recipients into clicking the provided link and entering personal information on the opened deceptive website. Reci
MiniRAT is a type of malware known as a remote access Trojan (RAT) that targets macOS systems. It is designed to give attackers control over an infected device. This threat is written in the Go programming language and is designed to stay hidden. It can detect if it is being analyzed in a virtua
BARADAI is ransomware we found while examining malware samples submitted to VirusTotal. It belongs to the MedusaLocker ransomware family. Upon infiltrating a system, BARADAI encrypts files, appends the ".BARADAI" extension to their filenames, and creates an HTML ransom note. On our test machine,
After reviewing the email, we determined that it is a misleading message pretending to come from a cloud service provider. It directs users to fraudulent websites that display false warnings and instructions intended to deceive visitors into taking certain actions. The email should be ignored and
We have inspected the email and found that it is a deceptive message designed to appear as a notification from a cloud service provider. It promotes fraudulent websites that show fake messages to trick visitors into following the provided steps. Recipients should ignore this email to avoid the ass
Rex is ransomware that our researchers discovered while examining malware samples uploaded to the VirusTotal website. It encrypts files stored on the victim's system, appends a new extension to each filename, creates an HTML ransom note, and claims to have stolen confidential data from the victim'
We have tested aisearchapp.net and found that it is a fake search engine promoted through an unwanted extension. That extension (called AI Search) is a browser hijacker. It is not advisable to use questionable search engines and browser hijackers, as they could lead to malicious sites and other is
Overlord is a Remote Access Trojan (RAT) written in the Go programming language. It targets both Windows and macOS systems, with first detections recorded in South Korea. On macOS, Overlord can establish a persistent connection to an attacker-controlled server, capture keyboard and mouse input,