Silver is a Remote Access Trojan (RAT) written in the C# programming language. This malware enables remote access and control over infected machines. It was first noted in the wild in the autumn of 2023. The trojan is quite sophisticated and versatile. Silver has a wide variety of functionalities
BaN is ransomware belonging to the Xorist family. This variant has been identified during the examination of samples uploaded to VirusTotal. BaN is created to encrypt files. Additionally, BaN appends the ".BaN" extension to filenames, displays, and creates a ransom note (an error message and the "
Upon examining the SusScrofa browser extension, we found that it is an untrustworthy program disseminated through a malicious installer. Its capabilities include activating the "Managed by your organization" feature (in Chrome and Edge), reading and changing data on visited pages, and managing the
SparkRAT, coded in the Go programming language, is a cross-platform Remote Administration Trojan (RAT) allowing its operators to manage infected devices through a web browser. This RAT encompasses an array of features, such as a process manager, file explorer, desktop monitor, file editor, and oth
ToolFrequency has been identified as an ad-supported application. The application bombards users with irritating advertisements, and interacting with these ads might lead users to untrustworthy pages. Moreover, ToolFrequency may possess the ability to gather diverse information. ToolFreq
After reviewing the "Gasfees Airdrop", we determined that it is a cryptocurrency-draining scam. The scheme is presented as an airdrop of the Gwei cryptocurrency, which will supposedly refund the Ethereum Gas that the participant has spent. It is pertinent to mention that "Gasfees Airdrop" has bee
HostaSieboldiana is a malicious browser extension that our researchers discovered in an installer promoted by a deceptive webpage. This piece of software has a variety of harmful capabilities, including data tracking. It is noteworthy that setups like the one endorsing this extension can be bundl
After inspecting this "Chase Bank Invoice" email, we determined that it is spam. It is disguised as an invoice sent by the Chase Bank. The goal is to get recipients to call the fake support line with the intention of reversing the purchase transaction. After calling, the scam aims to deceive victi
Upon inspecting a malicious installer, we discovered an unreliable app called PelargoniumHortorum. We found that this app can read data on all websites, manage themes and extensions within the affected browser, and enable the "Managed by your organization" feature in Chrome and Edge browsers. It i
Our research team found Mesmerised ransomware while reviewing new file submissions to the VirusTotal website. This piece of malicious software is designed to encrypt files and demand ransoms for the decryption. On our testing system, Mesmerised encrypted files and altered their filenames. To elab