After analysis, it has come to our attention that GoT Phrases modifies the settings of a web browser to promote a specific address (a fake search engine). This activity falls under the category of browser hijacking. Additionally, GoT Phrases can read certain data. Thus, users are advised not to tr
While investigating new file submissions to the VirusTotal website, our researchers discovered the Intel ransomware. This malicious program is part of the Dharma ransomware family. Intel malware encrypts data and demands payment for its decryption. On our test machine, the files encrypted by Inte
Upon examination, it has been determined that Boost Audio is an ad-supported application (browser extension). The classification of Boost Audio as adware stems from its capacity to display intrusive advertisements to users. Additionally, Boost Audio possesses the capability to access forms of data
In the course of our examination, it has been identified that DoctorHelp is malicious software categorized as ransomware. This ransomware is part of the MedusaLocker family. DoctorHelp has been discovered while inspecting samples on the VirusTotal page. The purpose of DoctorHelp is to encrypt file
Upon examination, we have established that The Pray Time application functions as a browser hijacker with the intent to endorse a deceptive search engine. Similar to other applications in this category, The Pray Time engages in browser hijacking by altering the configuration settings of a web brow
After conducting an examination, it has become evident that the content of this email is the work of scammers intending to deceive recipients into divulging sensitive information. Such fraudulent emails are commonly referred to as phishing emails. Recipients should exercise utmost caution and refr
During a routine investigation of new file submissions to the VirusTotal website, our research team discovered the EngineOfflineAlgorithm application. Our inspection revealed that this app is adware belonging to the AdLoad malware family. EngineOfflineAlgorithm operates by delivering intrusive
Our inspection of the "Microsoft Security Team - Password Expiration" email revealed that it is spam. This letter urges the recipient to update their email account, as its password is due to expire today. This phishing mail aims to obtain the log-in credentials of victims' emails. The scam
Upon examination, it has been determined that this email is a fraudulent attempt disguised as a notification from an email service provider. The intention behind this scam is to deceive recipients into divulging sensitive information. These deceptive communications fall into the category of phishi
Upon testing, it has become apparent that CrocutaCrocuta is a malicious extension capable of reading data on all websites, enabling the "Managed your organization" feature, and performing other actions within Chrome (and Edge) browsers. CrocutaCrocuta has been discovered after obtaining a maliciou