Chewbacca is a ransomware-type virus discovered by our researchers during a routine inspection of new submissions to VirusTotal. This malware encrypts data and demands payment for its decryption. On our testing system, Chewbacca encrypted files and appended their filenames with a ".{victim's_ID}.
We have examined the email and found that it is a phishing email designed to trick visitors into disclosing personal information on a fake web page. It is disguised as a "last reminder" regarding Two-factor authentication (2FA) from MetaMask. Whoever receives this email should ignore it to avoid p
Spectra is ransomware, which we discovered while inspecting malware samples submitted to the VirusTotal platform. We found that Spectra is based on Chaos ransomware. Once executed, it encrypts files and appends four random characters as their new extension. Also, Spectra provides a ransom note ("S
After inspecting qakabaw[.]sbs, we concluded that it is a deceptive website designed to lure visitors into accepting its notifications. If this permission is granted, qakabaw[.]sbs can deliver fake warnings and other unreliable notifications. Therefore, qakabaw[.]sbs should be avoided. The
"VoxFlowG USDT Airdrop" is a scam email. This fake message promotes a free Tether (USDT) cryptocurrency airdrop. The goal is to lure recipients into visiting a scam site that targets the digital assets stored in their cryptowallets. It must be stressed that all information in this email is false,
Fake AMLBot website(s) is an online scam that imitates the official AMLBot site (amlbot.com). By masquerading as this platform, the imitator webpage(s) aim to trick users into exposing their digital wallets to a cryptocurrency drainer. Victims of this scam experience financial loss. It must be em
ReaderUpdate is a piece of malicious software targeting Mac operating systems. It is a loader – i.e., this program can introduce additional malware or malicious content into devices. ReaderUpdate has been around since at least 2020. There are multiple variants of this loader written in differen
We have inspected the email and found that it contains a fraudulent business proposal along with a misleading offer to join an online meeting. The goal of this scam email is to trick recipients into granting remote access to their computers. Once access is given, scammers can carry out various mal
OctopuZ is an information stealer designed to extract various types of sensitive data from infected devices and execute other actions. The developer offers access to the malware for $9.99 per week, $14.99 per month, or a one-time fee of $29.99 for lifetime access. In other words, OctopuZ is distri
While investigating dubious sites, our research team found the ampention[.]com rogue webpage. It operates by endorsing browser notification spam and redirecting visitors to other (likely dubious/hazardous) websites. Users primarily access pages like ampention[.]com via redirects caused by sites t