AgentUpdater Adware
AgentUpdater displays intrusive and frequently misleading advertisements, which classifies it as adware. In addition to presenting unwanted ads, applications like AgentUpdater may also be designed to harvest specific user...
GooseEgg Malware Linked to Russian Fancy Bear APT
APT28, a threat actor linked to Russia, utilized a security vulnerability in the Microsoft Windows Print Spooler component to deploy a new custom malware named GooseEgg. This post-compromise tool, operational since at...
Precludestore.com Attempts to Mislead Visitors
Precludestore.com presents itself as an innocuous website. However, beneath its seemingly legitimate facade lies a web of deception aimed at exploiting unsuspecting visitors. Upon visiting the site, users are prompted...
Bitcoin L2 Restaking Scam
Upon examination of the "Bitcoin L2 Restaking" online platform, it has been determined to be fraudulent. This deceitful operation functions as a cryptocurrency siphoner, depleting funds from connected digital wallets....
CR4T Malware Used in DuneQuixote Campaign
Government bodies in the Middle East have become the focus of an undisclosed operation aiming to introduce a fresh clandestine entry point known as CR4T. According to cybersecurity researchers, this activity was...
Diamond (Duckcryptor) Ransomware Will Lock Your Files
While going over newly discovered malicious file samples, our researchers came across the Diamond ransomware, also known as Duckcryptor. This malicious software is engineered to encrypt data and demand payment for its...
Msgmixesco.com Attempts to Spam Ads
In our investigation of msgmixesco.com, we observed attempts to manipulate visitors into specific actions, alongside potential redirections to other dubious websites. Consequently, it is advisable to avoid interacting...
Bgzq Ransomware is Based on Djvu
While going over new malicious file samples, we discovered that Bgzq is a member of the Djvu ransomware family. Bgzq operates by encrypting files and appending the ".bgzq" extension to their filenames. For example, it...
Hunt Ransomware Locks Victim Systems
During an examination of new file samples, our research team identified a malicious software named Hunt, which belongs to the Dharma ransomware group. This software is crafted to encrypt both local and network-shared...
Robustsearch.io Pushes Fake Search Engine
In our examination of robustsearch.io, we discovered its association with counterfeit search engines and browser hijackers. While not always the case, robustsearch.io often serves as the final destination in...
Quotation Request Malicious Emails
After going over the email in question, we confirmed that "Quotation Request" is malicious spam, disguising itself as a potential purchase inquiry. The goal is to trick potential victims into opening the malicious...
Bgjs Ransomware Encrypts Victim Data
We discovered that Bgjs is a malicious ransomware application and a member of the Djvu ransomware family. Bgjs functions by encrypting files and adjusting their filenames, appending the ".bgjs" extension. For example,...