Bl@ckLocker is ransomware that we discovered during a routine analysis of samples uploaded to VirusTotal. Once executed on a device, Bl@ckLocker encrypts files, appends the ".BL@CKLOCKED" extension to them, changes the wallpaper, and creates a file ("Instructions.html") containing a ransom note.
Our examination of bridgechainweb[.]com has revealed that it uses clickbait to trick visitors into allowing it to show notifications. If the site obtains this permission, it can send fake alerts and similar messages designed to promote potentially malicious websites. Thus, bridgechainweb[.]com sho
During our analysis, we discovered that rechuslier[.]com is created to deceive visitors into allowing notifications. Once given permission, the site can push misleading alerts and similar messages that lead users to various unreliable websites. For this reason, it is best to avoid rechuslier[.]com
We have inspected the email and concluded that it is a fake "ETH Withdrawal Notification" containing a link to a phishing website. The purpose of this scam email is to extract personal information from recipients. Falling for it can lead to financial loss and possibly other issues. The sca
Zavrixmoro.co[.]in is a rogue page discovered by our researchers during a routine investigation of questionable websites. Upon inspection, we determined that this webpage endorses browser notification spam and generates redirects to different (likely unreliable/harmful) sites. Most visitors to za
After inspecting this "Direct Axis Financial Services" email, we determined that it is spam. This scam message offers various loans at a 5% interest rate. The likely goal of this spam campaign is to deceive recipients into disclosing private information or sending money to scammers. It must be emp
Our analysis of the email has shown that it is a deceptive message regarding a donation. Typically, scammers use fraudulent emails like this to extract money and/or trick recipients into disclosing personal information. This and similar messages should not be trusted and should be ignored.
Our researchers discovered this fake "Avalanche (AVAX)" airdrop during a routine investigation. It impersonates the official website of the Avalanche network (avax.network). When a user tries to claim the airdrop, they inadvertently expose their digital wallet by entering its passphrase into a phi
We have inspected search.getbettersearch-api.com and discovered that it is a fake search engine promoted through a browser extension (Better Search) that functions as a browser hijacker. Both fake search engines and browser hijackers should be avoided. If search.getbettersearch-api.com and (or) Be
We have examined the page (swap.fliuild[.]io) and discovered that it is a fake Fluid site designed to steal cryptocurrency. It closely mimics the original platform (fluid.io) to trick unsuspecting users into connecting their wallets. Falling for this scam can result in huge financial losses.