Midas is the rebranded version of Haron ransomware. It is designed to encrypt data (lock files) and demand ransoms for the decryption. Malware of this type typically renames the encrypted files, since Midas ransomware primarily targets companies and other large entities - it appends filenames wit
The purpose of this email is to trick recipients into infecting their computers with a Remote Access Trojan (RAT) called AgentTesla. It has an archive file attached to it. That archive file contains an executable file designed to inject AgentTesla. This email is disguised as a letter from
"Critical Framework Error" is a technical support scam. This scheme claims that Windows has blocked a harmful program from running and urges users to call the provided support helpline. It must be emphasized that all of these claims are false. This scam is in no way associated with the Microsoft C
It is a phishing email that scammers use to trick recipients into providing their Microsoft, Google, and possibly other account login credentials. It contains a link designed to open a deceptive website asking to provide an email address and password. Scammers attempt to trick recipients i
Shgv ransomware is a type of malware that encrypts files, generates a ransom note ("_readme.txt"), and appends its extension (".shgv") to filenames. This ransomware variant belongs to the Djvu family. An example of how Shgv modifies filenames: it renames "1.jpg" to "1.jpg.shgv", "2.jpg" to "2.jpg.
PrinterCyberSpace is a rogue app with adware and browser hijacker abilities. This piece of software is also classified as a PUA (Potentially Unwanted Application). Adware is capable of displaying various pop-ups, banners, coupons, and other intrusive ads on visited websites and/or differ
macOS.Macma is the name of a malicious program designed to steal information and spy on its victims. While outdated Catalina macOS (Macintosh operating system) versions are particularly vulnerable to this malware, it has been observed successfully operating on the newest Monterey macOS releases
Hukelpfulin[.]xyz is the address of a rogue website designed to load dubious content and/or redirect visitors to other (likely unreliable or malicious) pages. There are thousands of rogue sites online; earnmoneycrypt.com, hrougthatsidh.club, and ositieonthat.space are but a few examples. Users ty
Earnmoneycrypt[.]com is an untrustworthy site similar to profitsurvey24.com, linkwinners.net, yourcoolfeed.com, news-befuka.cc, and many others. This rogue webpage is designed to load dubious content and/or redirect visitors to various (likely unreliable or malicious) websites. Most users enter p
Push-defenders[.]com is used to promote questionable websites: it redirects visitors to those pages and promotes them via its notifications. Push-defenders[.]com is like tiontowriting[.]xyz, ewdownt[.]club, linkwinners[.]net, and hundreds of other pages. At the time of the research, push-d