Threats
SPICA Backdoor Linked to Russian Hacker Collective
The Threat Analysis Group (TAG) at Google revealed that the Russian hacking group COLDRIVER is engaged in credential phishing activities targeting prominent NGOs, former intelligence and military personnel, as well as... Read more
ToolFrequency Adware
ToolFrequency has been identified as an ad-supported application that displays advertisements to users, causing annoyance. Interacting with these ads may lead users to unreliable pages, and ToolFrequency might also have... Read more
Karsovrop Ransomware Demands Bitcoin Ransom
Karsovrop, a type of ransomware, is a malicious program that encrypts data and demands ransom payments for decryption. Our research team encountered Karsovrop while going over newly discovered malicious file samples.... Read more
PureLand Stealer
PureLand is a type of stealer malware designed to target Mac devices with the intent of extracting information from infected systems. Specifically, it focuses on pilfering data from cryptocurrency wallets and other... Read more
Gebehee.top Runs Misleading Survey
When examining gebehee.top, we discovered that the site employs a misleading survey and prompts users to grant notification permissions. Additionally, gebehee.top directs visitors to other questionable websites.... Read more
Mesmerised Ransomware Encrypts Victim Files
Our research team came across Mesmerised ransomware while examining recently discovered file samples. This malicious software is crafted to encrypt files and demand ransom payments for decryption. During our testing... Read more
Uphasp.app Adware
It has been identified that Uphasp.app is an ad-supported application linked to the Pirrit family. This application inundates users with bothersome advertisements, and engaging with these ads may lead to redirection... Read more
Jupiter Airdrop Scam
The "Jupiter Airdrop" page we ran into has been identified as a fraudulent scheme. Despite claiming to distribute the Jupiter (JUP) cryptocurrency, this airdrop is designed to function as a crypto drainer, depleting... Read more
BaN Ransomware Locks Most Files
BaN, a type of ransomware associated with the Xorist family, was detected during the analysis of new file samples. BaN is designed to encrypt files and appends the ".BaN" extension to filenames. Alongside this, it... Read more
Carboxyl.app Adware
Carboxyl.app is an ad-supported application affiliated with the Pirrit family. This application inundates users with intrusive advertisements, and engaging with these ads can result in access to unreliable pages.... Read more
Chase Bank Invoice Email Scam
Upon scrutinizing the email with the subject line "Chase Bank Invoice," it has been determined to be a form of spam, falsely presented as an invoice from Chase Bank. The deceptive intent is to prompt recipients to... Read more
AndroxGh0st Botnet Comes Up on CISA's Radar
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation have issued a warning regarding the deployment of the AndroxGh0st malware by threat actors. These actors are... Read more
Re-captha-version-3-58.top Displays Misleading Messages
Re-captha-version-3-58.top is a misleading website recognized for engaging in push notification scam activities. Operating under the guise of legitimacy, the site deceives users into subscribing to its notifications.... Read more
Mailbox Password Security Update Email Scam
Upon examining the email titled "Mailbox Password Security Update," it was determined to be spam with deceptive intentions. The message falsely asserts that the recipient's mailbox faces security issues, aiming to... Read more
Bigpanzi Botnet Infects Hundreds of Thousands of Android Devices
Security experts have attributed a Distributed Denial of Service (DDoS) botnet, potentially affecting millions of smart TVs and set-top boxes, to an established cybercrime group known as Bigpanzi, active for eight... Read more
QQL Mint Pass Scam
The "QQL Mint Pass" functions as a deceptive crypto-draining scam, mirroring the QQL generative art collaborative experiment associated with the Archipelago platform. Drawing inspiration from the QQL algorithm, this... Read more
PatchWorkApt Ransomware is a New Chaos Spinoff
PatchWorkApt is a newly discovered variant of the Chaos ransomware. Upon infiltrating a computer system, PatchWorkApt encrypts files, adds a series of random characters to filenames, and generates a ransom note named... Read more
DiscoveryUniversefld Shows Misleading Warnings
DiscoveryUniverse is an ad-supported application designed to function within a Macintosh environment, specifically targeting Mac browsers. Once integrated into the browsers, reversing its effects becomes challenging... Read more