BlackLegion is ransomware that restricts access to files by encrypting them. Victims cannot open encrypted files without decrypting them. Additionally, BlackLegion creates a ransom note ("DecryptNote.txt") and renames files by appending a string of random characters, an email address, and the ".Bl
Based on our analysis, it has been determined that ConnectedServer is adware. ConnectedServer bombards users with annoying advertisements. Additionally, it possesses the potential to gather diverse data. Typically, applications like ConnectedServer are promoted and disseminated through deceptive
Upon meticulous examination, it has been identified that this email is a typical phishing attempt. Perpetrators orchestrating this phishing campaign masquerade as DHL, a reputable logistics company specializing in courier, package delivery, and express mail services. Their objective is to deceive
Iranian banking trojan refers to an Android-specific malware targeting the customers of multiple Iranian banks. The first campaigns involving this trojan were observed back in December of 2022. While having undergone several iterations, these campaigns are still active as of the time of writing.
Our research team discovered the AdminLibrary rogue app while investigating new submissions to the VirusTotal website. Upon inspection, we identified this application as adware belonging to the AdLoad malware family. AdminLibrary operates by running intrusive advertisement campaigns. Adw
After reviewing the "Your Encrypted Voice Message" email, we determined that it is spam. Presented as a notification regarding received voicemails, this phishing letter aims to trick recipients into disclosing their email account log-in credentials. The spam email with the subject "New mai
Our researchers discovered the "Firewall Update Required" scam during a routine inspection of deceptive websites. Upon investigation, we determined that this is a technical support scam. It falsely claims that the user's device is infected due to outdated Windows firewall security. The goal is to
In the course of our review, it has been identified that Aves is a malicious browser extension capable of taking control of a web browser and gathering various information. The discovery of Aves took place when analyzing a malicious installer acquired from a deceptive website. Aves extensi
Upon examination, it has been established that this email is a fraudulent message sent by scammers posing as Maersk Line, a reputable shipping company. Scammers behind this email aim to trick unsuspecting recipients into opening the presented link and providing personal information. Emails of this
While investigating new submissions to VirusTotal, our research team discovered another ransomware from the Phobos family called LEAKDB. Malware within this classification encrypts data and demands payment for its decryption. On our test machine, LEAKDB ransomware encrypted files and altered thei