We have inspected Jackpot and found that it is ransomware from the MedusaLocker family. We discovered this ransomware during an examination of malware samples submitted to VirusTotal. Once executed, Jackpot encrypts and renames files, changes the desktop wallpaper, and provides a ransom note ("REA
Our examination shows that this email contains a fake notification from an email service provider. It is designed to trick recipients into opening a phishing website and entering personal information. Falling for this scam can lead to account hijacking and other issues. This scam email inf
ApolloShadow is the name of a malicious program that has been observed in cyber espionage campaigns. It is a custom-built malware used by a threat actor dubbed "Secret Blizzard". This group is believed to be a part of the FSB (Federal Security Service of the Russian Federation). Secret Blizzard ha
Our team has analysed the email and found that it is a fake letter regarding compensation. The scammer behind it pretends to be a well-known person and offers recipients a large sum of money. As a rule, the purpose of such emails is to extract money or information from unsuspecting recipients.
We have tested mobiletips.in and found that it is a questionable search engine promoted through unwanted extensions. These extensions force users to visit mobiletips.in by hijacking browsers. It is not advisable to use mobiletips.in or the associated browser hijackers. Questionable search
Servileness.app is a rogue application discovered by our researchers while reviewing new file submissions to the VirusTotal website. After inspecting this piece of software, we determined that it is adware. We also found that Servileness.app belongs to the Pirrit adware family. Adware st
While browsing dubious websites, our research team discovered the dravixloro.co[.]in rogue page. After examining it, we determined that this webpage promotes browser notification spam and produces redirects to different (likely unreliable/hazardous) sites. Dravixloro.co[.]in and pages akin to it
Acemmully.co[.]in is a rogue webpage discovered by our researchers during a routine inspection of suspicious websites. This page is designed to promote browser notifications spam and redirect users to other (likely unreliable/harmful) sites. Most visitors to acemmully.co[.]in and similar webpages
We have inspected the site and concluded that it is a scam involving a fake alert (and other elements) to trick visitors into taking certain steps. Also, this scam site requests permission to show notifications (granting it can expose users to more scams). Thus, users should close this website if
Bl@ckLocker is ransomware that we discovered during a routine analysis of samples uploaded to VirusTotal. Once executed on a device, Bl@ckLocker encrypts files, appends the ".BL@CKLOCKED" extension to them, changes the wallpaper, and creates a file ("Instructions.html") containing a ransom note.