PJobRAT is the name of Android malware (spyware and Remote Access Trojan) targeting Indian users. Cybercriminals distribute PJobRAT by disguising it as instant messaging and dating apps (e.g., HangOn, SignalLite, Trendbanter, Rita, and Ponam). Their goal is to spy on victims (to gather personal in
Our researchers discovered the "Your System Is Heavily Damaged" scam during a routine investigation of deceptive websites. There are several variants of this Android device targeting scheme. The versions we have inspected claim that the visitor's device is infected and urge them to download the re
We inspected this email and concluded that the scammers behind it aim to trick recipients into providing them personal information. Emails of this type are called phishing emails. This one is disguised as a letter from an email service provider. It instructs recipients to validate their identity v
During a routine inspection of new submissions to VirusTotal, our research team found and sampled the Flying Dutchman ransomware. This malicious program belongs to the Xorist ransomware family. After we executed Flying Dutchman's sample on our test machine, it encrypted files and changed their ti
We examined this email and learned that it is a fake congratulatory letter from a company named "Gold Fields Bullion Limited" (there is a real gold mining company called Gold Fields Limited). Scammers behind this email attempt to trick recipients into believing that they have won an award. They en
While inspecting the WiredBlank application, we learned that it shows advertisements. Apps that show ads are classified as adware (advertising-supported software. In most cases, adware is promoted and distributed using deceptive methods (e.g., scare tactics and fake installers). Our team discove
While inspecting new malware submissions to VirusTotal, our researchers came upon the Dkey ransomware-type program. It belongs to the Dharma ransomware family, and it is designed to encrypt data and demand payment for decryption. Once executed on our test system, Dkey began encrypting files and a
While inspecting new submissions to VirusTotal, our research team found a rogue application named NetSearchPanel. Following our analysis of this application, we determined that it operates as adware. It is pertinent to mention that NetSearchPanel is part of the AdLoad malware family. Adw
Nidescar[.]com is a rogue site designed to deceive visitors into enabling spam browser notification delivery. It is also capable of redirecting them to various (likely untrustworthy/malicious) websites. Users typically access such webpages through redirects caused by sites that use rogue advertis
Our research team discovered the Solo ransomware-type program during a routine investigation of new submissions to VirusTotal. This piece of malicious software is part of the VoidCrypt ransomware family. After we executed a sample of Solo (VoidCrypt) on our testing system, it encrypted files and