After reading this "PROTON LOTTERY" email, we determined that it is spam. The fake message claims that the recipient has won over three hundred thousand USD in a lottery. It must be emphasized that this information is false, and this mail is not associated with any legitimate entities. It is a ph
Our examination of the email has revealed that it is a phishing email designed to steal login credentials from unsuspecting recipients. Scammers disguised their message as a notification from Microsoft to lure recipients. Emails of this type should be ignored to avoid potential consequences.
Our analysis indicates that TechBoost functions as adware: the app bombards users with intrusive advertisements that may expose them to scams and other online threats. Furthermore, multiple security vendors have classified TechBoost as malicious. Therefore, users should refrain from installing t
While browsing suspicious sites, our researchers discovered the "DebugDappNode Wallet Connection" scam. The deceptive page (swiftlivechain.pages[.]dev; potentially other domains) claims to be able to rectify various cryptocurrency wallet issues. Instead, the scam operates as a drainer – by stealin
Tiny FUD is a Trojan that targets macOS users. The term FUD (Fully Undetectable) implies that the malware is built to avoid detection by antivirus and other security tools. It tricks security software by changing process names, using DYLD injection, and running commands from a command-and-contro
Networkcycle.co[.]in is the address of a rogue webpage designed to promote browser notification spam and generate redirects to different (likely dubious/hazardous) sites. Most visitors access pages of this kind through redirects produced by websites that utilize rogue advertising networks. Our re
Suaiqi App is a PUA (Potentially Unwanted Application) discovered by our researchers in an installer promoted by a rogue website. This setup also included the fake "Save to Google Drive" browser extension. Upon investigation, we determined that Suaiqi App acts as a dropper for the Legion Loader ma
FlexibleFerret is a piece of malicious software belonging to a Mac malware family dubbed "Ferret". This group of programs is linked to North Korean threat actors. Ferret programs (including FlexibleFerret) have been spread through fake job interviews and software repositories. FlexibleFe
BlackLock is a ransomware-type virus that encrypts files and demands ransoms for the decryption. BlackLock renames encrypted files with a random character string and appends them with a likewise randomized extension. For example, on our test machine, a file named "1.jpg" became "bvir5rvqex4ak8d9.6
Our analysis reveals that CommonBoost behaves like typical adware, flooding users with intrusive ads that can lead to scams and other online dangers. Additionally, several security vendors have flagged CommonBoost as malicious. Thus, users should avoid installing this app and remove it if it is