Jackalock is a ransomware-type program found by our research team while inspecting new submissions to the VirusTotal website. This program belongs to the MedusaLocker ransomware family. After we launched a sample of Jackalock on our test machine, it encrypted files and appended their names with a
Upon inspecting the "Reconfirm Account Ownership" email, we determined that it is spam. This message urges the recipient to re-verify their account, thus luring them into disclosing their email log-in credentials to a phishing website. This spam email states that the recipient must reconfi
Appsuccess[.]monster is a rogue webpage discovered by our researchers during a routine investigative session of suspect sites. After examining this page, we determined that it promotes browser notification spam and redirects users to other (likely unreliable/harmful) websites. Most users enter the
Our researchers found an installer containing the Temeliq Ultra Touch PUA (Potentially Unwanted Application) while browsing deceptive websites. These apps usually have harmful abilities, and upon analysis, we discovered that Temeliq Ultra Touch acts as a dropper for the Legion Loader malware.
Our researchers discovered DarkMystic while investigating new submissions to the VirusTotal platform. This program belongs to the BlackBit ransomware family. Malicious software within this classification encrypts data and demands payment for the decryption. On our testing system, DarkMystic (Blac
While browsing new submissions to VirusTotal, our research team discovered the Jeffery ransomware. Malicious programs within this category are designed to encrypt data and demand payment for the decryption. On our test machine, Jeffery malware encrypted files and appended their filenames with a "
VerdaCrypt is a ransomware-type program found by our researchers during a routine inspection of new malware submissions to VirusTotal. Ransomware encrypts victims' data and demands payment for its decryption. After we executed a sample of VerdaCrypt on our test machine, it encrypted files and add
After inspecting this "iToken" presale – we determined that it is fake. When users attempt to take part in the presale event, they are deceived into disclosing private information through a bogus registration process. It must be emphasized that this scam is in no way associated with Apple Inc. or
After reading this "We Hacked Your System" email, we determined that it is spam, specifically – a sextortion scam email. This message threatens to leak an explicit video of the recipient to their contacts unless the blackmailer is paid. It must be emphasized that all the claims in this message are
Neptune is a Remote Access Trojan (RAT) written in the Visual Basic (.NET) programming language. Trojans of this kind enable remote access and control over compromised machines. Neptune is a highly multi-functional piece of malicious software. There have been several variants of this RAT. At the