Our research team found the safaran.co[.]in rogue page while browsing dubious websites. After examining this webpage, we learned that it endorses browser notification spam and generates redirects to different (likely unreliable/dangerous) sites. Most visitors to safaran.co[.]in and analogous page
While investigating suspect websites, our researchers found this "$DEEP Token Presale" scam. This fake presale event operates as a crypto drainer – by draining funds from exposed cryptocurrency wallets. It must be emphasized that this scam is not associated with the real DeepSeek company. IM
We have examined the email and found that it is a scam disguised as a notification from the Afrihost Customer Service Team. It is designed to lure recipients into opening a fake web page and disclosing personal information. Such emails are called phishing emails. They should be ignored and deleted
We have examined the email and concluded that it is a fake letter from a company (supposedly "SOLVAY SA") regarding an urgent supply inquiry. Scammers use such emails to steal personal information and (or) money from unsuspecting recipients. Thus, if received, they should be ignored and deleted.
Our research team discovered the QQ ransomware while inspecting new file submissions to the VirusTotal site. Malicious programs within this category encrypt data and demand ransoms for its decryption. After we executed a sample of this ransomware on our test machine, it encrypted files and append
We have examined the site and concluded that it hosts a pop-up scam. This scam involves a fake McAfee warning regarding computer security. Typically, scammers behind such schemes aim to collect illegitimate commissions or steal personal information or money. Thus, it is highly advisable to ignore
While investigating deceptive sites, our research team found the "DeepSeek Crypto Giveaway" scam. This fake giveaway promises twice the return on Bitcoin, Ethereum, and Solana cryptocurrency or DeepSeek tokens contributed. Instead of receiving any amount, victims lose all that they transfer to the
DeepSeek For YouTube is promoted as a tool that quickly provides concise summaries of YouTube videos, allowing users to grasp the content in seconds. However, our analysis has shown that DeepSeek For YouTube is a browser extension that can show unwanted advertisements. Thus, we classified it as ad
Our analysis of BlackHeart has shown that this is ransomware belonging to the MedusaLocker family. Upon execution, BlackHeart encrypts data and appends the ".blackheart138" extension to files (e.g., renames "1.jpg" to "1.jpg.blackheart138", "2.png" to "2.png.blackheart138", etc.). It also drops a
We have inspected basicnetworkchain[.]com and learned that hosts the "You've visited illegal infected website" scam. Also, the page requests permission to show notifications and, if allowed, it bombards users with more deceptive content. Thus, it is highly dvisable to avoid visiting basicnetworkch