SafePay is ransomware, a type of malware that encrypts victim's files to extort money. In addition to encrypting files, SafePay appends ".safepay" to them and generates a ransom note ("readme_safepay.txt"). An example of how SafePay renames files: it changes "1.jpg" to "1.jpg.safepay", "2.png" to
During our inspection, we found that UpgradeView is adware that security vendors flag as malicious. Upon installation, the app can generate misleading advertisements to promote potentially malicious web pages. Typically, users unintentionally install apps like UpgradeView and are advised to remo
DynamicEntry is a rogue application discovered by our researchers during a routine inspection of new file submissions to the VirusTotal platform. Our analysis revealed that this app is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. Typica
After reading this "Overdue Contract Funds" email, we determined that it is spam. It is presented as a letter from an established bank alerting the recipient of a ten million USD pending credit to the recipient's banking account. It must be emphasized that the information in this email is false,
While investigating deceptive websites, our researchers discovered this fake "Microsoft Defender" browser extension. This software is not associated with the real Microsoft Defender Antivirus or its developer – the Microsoft Corporation. The malicious extension can modify browser appearance/behavi
I2PRAT is a Remote Access Trojan (RAT) written in the C++ programming language. It is a piece of advanced malicious software that enables remote access/control over infected machines. Since November 2024, I2PRAT has been observed being proliferated via ClickFix scams. I2PRAT is a tri-layer
Our analysis of the email has shown that it is a scam email disguised as a notification regarding a Bitcoin winning. Generally, the email claims that the recipient has won a large sum of money to trick them into disclosing personal information and likely transferring money to scammers. This and si
Our analysis has revealed that this email is a scam designed to lure recipients with the promise of a large sum of money, ultimately tricking them into transferring funds or disclosing personal information to fraudsters. It is important to recognize and ignore such emails to avoid monetary loss, i
Our research team found DeathHunters while browsing file submissions to the VirusTotal platform. This malicious program is based on the Chaos ransomware. After we launched a sample of this ransomware on our test machine, it encrypted files and appended their names with an extension comprising fou
During our examination, we discovered that Tisiqo App is an unreliable/unwanted application that multiple security vendors flag as malicious. We also found that besides not having any real value (functionality) to users, Tisiqo App is utilized to deliver Legion Loader, malware that drops malicious