Black TENGU is ransomware that our team found while examining samples uploaded to VirusTotal. Once executed, Black TENGU encrypts files and changes their names by appending the ".TENGU" extension. For instance, it renames "1.jpg" to "1.jpg.TENGU" and "2.png" to "2.png.TENGU". Also, Black TENGU cre
Storm is an information stealer that is sold for between $300 and $1,800. It is written in C++ and is capable of stealing files and information from various apps and extensions, taking screenshots, and loading and executing files. Victims may encounter issues like identity theft, financial loss, a
We have inspected the email and concluded that it is designed to appear as a "delivery failure notice" from the email service provider. It includes a link to a fake login website designed to steal personal information. Victims of this scam may lose access to email accounts and encounter further is
UNC is ransomware from the Dharma family. Our team has discovered this ransomware during an analysis of malware samples uploaded to VirusTotal. After execution, UNC encrypts files and appends the victim's ID, an email address, and the ".UNC" extension to them. It also displays a ransom note (and c
During our examination of skyeco-vote[.]com, we found that this page impersonates the legitimate Sky.money platform and falsely promotes voting rewards for SKY token holders. The site is, in reality, a cryptocurrency drainer designed to steal digital assets from any visitor who connects a wallet t
After inspecting this email, we determined that it is a phishing scam. The message poses as an urgent notification from the recipient's email service provider, claiming that a system update has been completed and that the recipient's mailbox must be re-confirmed within 24 hours or it will be perma
Our research team identified Elite Enterprise while analyzing new file submissions on VirusTotal. Elite Enterprise is ransomware that encrypts files on compromised machines and demands a ransom for decryption. Unlike most ransomware, it does not append any extension to encrypted files - their name
Our analysis has revealed that news-tiwigo[.]cc is a rogue webpage designed to trick visitors into agreeing to receive browser notifications. It does this by displaying a fake robot verification prompt. If the permission is granted, news-tiwigo[.]cc can deliver fake warnings and other misleading n
Our research team came across news-temodu[.]com while looking into suspicious websites. It turned out to be a rogue page - one that tries to trick visitors into enabling browser notifications by presenting a fake identity verification prompt. If the permission is granted, news-temodu[.]com can sta
Mightytechy.com is a search engine that is spread through browser hijackers and unwanted apps. Its users may encounter various scams and other potentially malicious content. For this reason, mightytechy.com is considered an unreliable search engine. Users should avoid it and remove it, along with