Threats
Cdxx Ransomware is Based on Djvu
While going over malware samples, we discovered that Cdxx is a member of the Djvu ransomware family with its primary goal being data encryption. It follows a pattern of appending the ".cdxx" extension to filenames... Read more
Windows Defender Firewall Alert Pop-up Scam
During an examination of unreliable websites, our researchers identified a technical support scam known as the "Windows Defender Firewall Alert." This fraudulent scheme replicates Windows alerts and falsely asserts... Read more
Reackened.com Hides Ad Spam Behind Fake Captcha
Upon investigating reackened.com, it was observed that the page presents misleading content with the intention of deceiving visitors into performing a specific action. Typically, users arrive at sites like... Read more
Xrp Ransomware Encrypts Victim Drives
While examining new malware samples, we encountered a ransomware variant known as Xrp, affiliated with the GlobeImposter family. Xrp's primary objective is to encrypt files, appending an email address and the ".xrp"... Read more
Your Windows Subscription Has Expired Pop-Up Scam
The page displaying the message in question is a fraud that utilizes fabricated messages, using intimidation tactics to manipulate visitors into specific actions. Additionally, the deceptive webpage requests... Read more
Lockxx Ransomware Comes With Chinese Ransom Note
During our analysis of the malicious software, we observed that Lockxx functions as ransomware: it encrypts files, adds the extension ".lockxx" to file names, and presents a ransom note ("lockxx.recovery_data.hta").... Read more
Secles Ransomware Uses Lengthy Ransom Note
Secles, a form of malware designed to encrypt data, was identified by our research team during a routine examination of new file samples. Malicious programs that encrypt files and demand ransoms for decryption are... Read more
ResourceActivity Adware
ResourceActivity is an ad-supported Mac app, also known as adware. It belongs to the AdLoad family, known for its numerous similar variants. However, this adware exhibits additional harmful characteristics, including... Read more
ProfessionalServer Adware
Our investigation has uncovered that ProfessionalServer is a program supported by advertising, designed to promote various ads. In addition to its ad-displaying functionality, ProfessionalServer has the capability to... Read more
FilterAdmin Adware
While examining new file samples, our researchers came across the FilterAdmin application. Upon investigation, it was determined that FilterAdmin is a type of adware associated with the AdLoad malware family. This... Read more
DanceTank Adware
DanceTank is an application that functions as adware, presenting bothersome advertisements to users when active. Alongside its ad-displaying behavior, DanceTank has the potential to gather diverse data. Consequently,... Read more
Chinese Threat Actor Linked to NSPX30 Spyware
A previously unknown threat actor with ties to China has been identified in a series of adversary-in-the-middle (AitM) attacks, where legitimate software update requests are exploited to deliver an advanced implant... Read more
NOOSE Ransomware Named After Videogame Entity
NOOSE, a type of ransomware associated with the Chaos family, operates by infecting computers and encrypting files. The ransomware is named after the fictional law enforcement agency in the video game series Grand... Read more
Netflix - Update Your Payment Details Scam
After investigation, it has been established that the email titled "Netflix - Update Your Payment Details" is fraudulent. The deceptive message claims issues with the billing information on the recipient's Netflix... Read more
Cdcc Ransomware Will Hold Your Data Hostage
After a recent analysis of malicious file samples, we discovered the Cdcc ransomware that is linked to the Djvu ransomware family. Its primary objective is to encrypt data, appending the ".cdcc" extension to filenames... Read more
Wholefreshstories.com Pushes Intrusive Ads
During our examination of unreliable websites, our researchers came across the fraudulent webpage wholefreshstories.com. This site is specifically designed to engage in browser notification spam and redirect users to... Read more
ZeroGuard Ransomware Locks Victim Systems
ZeroGuard is a type of ransomware, characterized by its malicious nature. This malware is specifically designed to encrypt files and then demand payment for their decryption. In our testing, when we executed a sample... Read more
WalletConnect & Web3Inbox Airdrop Scam
The "WalletConnect & Web3Inbox Airdrop" page has been identified as a fraudulent scheme. It masquerades as an airdrop organized by WalletConnect and Web3Inbox but is not affiliated with any legitimate services or... Read more