Nkw-protect[.]pro is a rogue page discovered by our researchers during a routine investigation. This webpage is designed to promote browser notification spam and redirect visitors to other (likely unreliable/hazardous) sites. Most users access pages like nkw-protect[.]pro via redirects caused by w
Our inspection of the "Humanitarian Aid And Compensation" email revealed that it is spam. This phishing message seeks to acquire private information by claiming the recipient is eligible to receive 1.5 million EUR as compensation or aid. It must be emphasized that this email is fake and not associ
While investigating suspicious sites, our researchers discovered this fake "Origin Ether (oETH)" airdrop. The deceptive webpage imitates the Origin Protocol platform (originprotocol.com). This scam operates as a cryptocurrency drainer, i.e., by stealing funds from exposed digital wallets. IM
Our team has inspected the email and concluded that it is a deceptive notification regarding a pending internal audit document. The goal is to steal personal information from unsuspecting recipients via a fake website. Such scams are classified as phishing emails. Recipients should always ignore s
Our examination of obeionalmitive[.]com has shown that this site is designed to display deceptive content to lure visitors into agreeing to receive its notifications. Once permission is granted, obeionalmitive[.]com can deliver fake messages created to trick users into interacting with them.
Mastablegary[.]com is a rogue webpage found by our researchers during a routine inspection of untrustworthy sites. After examining this page, we determined that it promotes browser notification spam and generates redirects to other (likely dubious/malicious) websites. Users most commonly access m
SafeLocker is ransomware that we discovered during an inspection of malware samples uploaded to the VirusTotal site. Once active, SafeLocker encrypts the victim's files and appends its extension (".8xUsq62"). For example, it renames "1.jpg" to "1.jpg. 8xUsq62", "2.png" to "2.png.8xUsq62", etc. Als
After reading this "Australia Lottery" email, we determined that it is spam. This is a phishing email that claims the recipient has won 9.5 million USD in a lottery. This spam mail aims to extract private information and potentially trick recipients into sending scammers money. The spam em
We have analyzed oxaterinoseced.co[.]in and found that its purpose is to receive permission to show notifications through clickbait. Once allowed, oxaterinoseced.co[.]in can send misleading notifications. Interacting with these notifications can direct users to potentially malicious websites.
During our inspection of malware samples uploaded to VirusTotal, we discovered the 9062 ransomware, which is based on Chaos ransomware. Upon execution, 9062 encrypts files and appends the ".9062" extension to files (e.g., it renames "1.jpg" to "1.jpg.9062" and "2.png" to "2.png.9062"). Additional