After inspecting this "Spotify Can't Process Your Payment" email, we determined that it is fake. This spam message claims that there has been an issue processing the recipient's "Spotify Premium Family" subscription. It must be emphasized that this email is not associated with the real Spotify. Th
Darkness is ransomware that we discovered during our analysis of malware samples uploaded to VirusTotal. It is designed to encrypt files on the infected device and append a string of random characters (possibly a victim's ID), and its extension ".Darkness" to filenames. Also, Darkness provides a r
Our researchers discovered SpiderPery ransomware while investigating new submissions to the VirusTotal platform. This malware encrypts data and demands payment for the decryption. On our test machine, SpiderPery encrypted files and added a unique ID and the ".SpiderPery" extension to their filena
We have reviewed the email and determined that it is part of a sextortion scam. These types of scams typically use threatening language to scare the recipient into sending money, even though the claims made are false and fabricated. Such emails should be ignored to avoid monetary loss or other neg
While browsing suspect websites, our researchers found this fake "Gigabrain" token airdrop. This deceptive page impersonates the official Gigabrain website (gigabrain.gg). It must be emphasized that this airdrop is fraudulent and not associated with the actual Gigabrain site. This scam aims to ste
BlackFL is ransomware that we discovered while inspecting samples submitted to VirusTotal. After execution, BlackFL encrypts files, provides a ransom note ("BlackField_ReadMe.txt"), and appends its extension (".BlackFL") to files. For example, it renames "1.jpg" to "1.jpg.BlackFL", "2.png" to "2.p
While inspecting new submissions to VirusTotal, our researchers discovered the AIR ransomware. This malicious program belongs to the Makop ransomware family. Malware of this kind is designed to encrypt data and demand ransoms for the decryption. On our test machine, AIR (Makop) ransomware encrypt
We have inspected the email and concluded that it is a phishing attempt. It is designed to appear as a message from an email service provider and contains a link to a fake site. The goal is to steal personal information from recipients. Such emails should be ignored and deleted. The phishi
Our analysis of the site (paragaming.claim-portal[.]live) has uncovered that it is a deceptive page mimicking the original Param Gaming site (paramgaming.com). The scammers behind the fake website aim to trick visitors into performing steps that could lead to financial loss. Thus, it is important
Our research team found the larygeously.co[.]in rogue page while investigating suspect websites. It operates by endorsing spam browser notifications and producing redirects to different (likely untrustworthy/dangerous) sites. Larygeously.co[.]in and similar webpages are primarily accessed through