Our team discovered Cooked while analyzing samples submitted to VirusTotal. Our examination has shown that this is ransomware designed to encrypt files, provide a ransom note ("Readme.txt"), and add its extension (".cooked") to files. For example, it renames "1.jpg" to "1.jpg.cooked", "2.png" to "
Our analysis indicates that this is a scam email intended to deceive recipients into thinking their cloud account has been scheduled for deletion. It directs users to fraudulent websites. All claims made in the email and on the linked sites are false and should not be trusted. If you receive this
We have reviewed the email and determined that it is a phishing message containing a link to a fake website. The scammers behind this email seek to steal personal information that can be misused to hijack accounts. Stolen accounts can be misused for malicious purposes. Overall, this scam email sho
We have examined the malware and found that Draxo is ransomware. Our discovery of this ransomware occurred during an inspection of samples uploaded to VirusTotal. Once launched, Draxo encrypts files and appends four random characters to filenames. For instance, it renames "1.jpg" to "1.jpg.uuwf" a
Our analysis shows that this is a scam email designed to trick recipients into believing that their cloud account has been suspended. It promotes deceptive websites. No claims in this email or the linked scam websites are true, so they should be ignored. If received, this scam email should be dele
Black TENGU is ransomware that our team found while examining samples uploaded to VirusTotal. Once executed, Black TENGU encrypts files and changes their names by appending the ".TENGU" extension. For instance, it renames "1.jpg" to "1.jpg.TENGU" and "2.png" to "2.png.TENGU". Also, Black TENGU cre
Storm is an information stealer that is sold for between $300 and $1,800. It is written in C++ and is capable of stealing files and information from various apps and extensions, taking screenshots, and loading and executing files. Victims may encounter issues like identity theft, financial loss, a
We have inspected the email and concluded that it is designed to appear as a "delivery failure notice" from the email service provider. It includes a link to a fake login website designed to steal personal information. Victims of this scam may lose access to email accounts and encounter further is
UNC is ransomware from the Dharma family. Our team has discovered this ransomware during an analysis of malware samples uploaded to VirusTotal. After execution, UNC encrypts files and appends the victim's ID, an email address, and the ".UNC" extension to them. It also displays a ransom note (and c
During our examination of skyeco-vote[.]com, we found that this page impersonates the legitimate Sky.money platform and falsely promotes voting rewards for SKY token holders. The site is, in reality, a cryptocurrency drainer designed to steal digital assets from any visitor who connects a wallet t