Cortizol is ransomware that our team has discovered during an analysis of malware samples uploaded to VirusTotal. Our examination shows that Cortizol encrypts files and modifies their names by appending the victim's ID, an email address, and the ".Cortizol" extension. It also changes the desktop w
We have analysed kimchipump[.]com and kimchiofficial[.]live and found that these are two deceptive websites that promote the same scam, a fraudulent cryptocurrency airdrop. The site is designed to trick visitors into believing they can receive free crypto for participating. However, victims never
Payload is ransomware that we discovered while inspecting malware samples uploaded to VirusTotal. After execution, Payload encrypts files and appends the ".payload" extension to them. For example, it renames "1.jpg" to "1.jpg.payload" and "2.png" to "2.png.payload". The ransomware also provides a
Our inspection has revealed that it is a scam email designed to promote a pop-up scam, a site that uses scare tactics. It is disguised as a message about cloud storage issues to trick recipients into clicking the provided link. Emails like this one should be ignored and deleted to avoid potential
We have reviewed the page (punchcoinsol[.]com) and concluded that it is a fraudulent copy of punchonsol.lovable.app website. The scam site promotes a fake airdrop to deceive visitors into following the provided instructions. Its purpose is to activate a malicious tool designed to empty cryptocurre
Our team has examined the email and found it to be a classic advance-fee scam. The goal of the email is to trick the recipient into sharing personal information or sending money, or both. It is important to recognize such scams and never respond to them or follow their instructions to avoid financ
Moonrise is a remote access Trojan (RAT) written in Go programming language. It provides attackers with remote system access, allowing them to gather sensitive information (e.g., login credentials) and execute additional attacks while avoiding detection. The RAT should be eliminated from infected
Our team has examined the email and concluded that it is a scam. The message is presented as an "Ethereum Powerball PowerPlay Reward Alert" to trick recipients into believing that they can receive rewards. However, none of the claims in this email are true, and falling for it can lead to various n
We have reviewed the email and determined that it is a phishing attempt. It is crafted to appear as a notification regarding an invoice to trick recipients into opening a deceptive website. The scammers behind this fraudulent email seek to steal personal information. Victims of this scam may have
Our analysis shows that it is a scam email disguised as a transfer request from Wells Fargo Bank. It is designed to appear legitimate and trick recipients into opening the provided page. The ultimate goal is to steal personal information. Scams of this type are classified as phishing attempts.