Our research team discovered the amencest.co[.]in rogue page while investigating dubious websites. Upon examination, we learned that this webpage promotes browser notification spam and redirects users to different (likely untrustworthy/malicious) sites. Most visitors to amencest.co[.]in and simil
While reviewing new file submissions to the VirusTotal website, our researchers discovered Blackransombdbot. This malicious program is based on Chaos ransomware. Software within the ransomware classification operates by encrypting data and demanding ransoms for the decryption. On our test machine
After examining this "Email Quarantine Summary" email, we determined that it is spam. This message is presented as a report on withheld emails. This spam mail aims to lure recipients into revealing their email account log-in credentials to a phishing website. The spam email with the subjec
Our inspection of this "Marathon Petroleum Corp" email revealed that it is spam. It is presented as an invitation to serve as a vendor or supplier for Marathon Petroleum. It must be emphasized that the information in this email is false, and this mail is not associated with the actual Marathon Pe
Our team has examined the email and concluded that it is fraudulent. The scammers behind it aim to trick recipients into believing that they can receive money. Recipients should know how to spot fake emails like this one to avoid falling for them. If this or a similar email gets received, it shoul
Our inspection shows that osx-protect.co[.]in is one of the many deceptive pages designed to trick visitors into granting them permission to show notifications. If this permission is given, sites like osx-protect.co[.]in can bombard users with annoying and often misleading offers, warnings, alerts
Vatican is the name of a malicious program classed as ransomware. This type of malware is designed to encrypt data and demand payment for the decryption. After we executed Vatican ransomware on our testing system, it encrypted files and appended their names with a ".POPE" extension. For example,
We have inspected the email and found that it is a fraudulent message regarding the recipient's mailbox storage. It uses urgent language to trick recipients into taking immediate action. The goal is to steal personal information through a fake website. Scams of this type are classified as phishing
SilentRoute is a Trojan that disguises itself as legitimate software to trick users into launching it. Once active, it collects sensitive information and sends it to a remote server. It is designed to look harmless but operates in the background to steal data without the user’s knowledge. If detec
We have examined the malware (which we discovered while inspecting malware samples submitted to VirusTotal) and found that it is ransomware belonging to the Dharma family. Upon execution, Kyj encrypts files and appends the victim's ID, an email address, and the ".kyj" extension to them. It also pr