We discovered LegionRoot ransomware while browsing new file submissions to the VirusTotal platform. Malware within this classification encrypts files and demands payment for the decryption. LegionRoot encrypts files and appends their names with a random character extension. For example, this rans
Our research team discovered the Bbq ransomware-type program while reviewing new submissions to VirusTotal. It belongs to the Makop ransomware family. Malicious software of this kind is designed to encrypt data and demand payment for the decryption. We learned that Bbq ransomware renames encrypte
Our inspection of the "PayPal - Money Received" email revealed that it is fake. Disguised as a notification from PayPal, it informs the account owner that they have been sent 899.99 USD and must verify the transfer. The goal of this phishing campaign is to extract recipients' PayPal log-in credent
After analyzing Tarao Cuviaq Utils, we determined that the app offers no benefits to users and includes malicious elements, such as the Legion Loader. Installing it can result in system infections and various other problems. Therefore, it is strongly recommended to avoid installing this applicatio
We inspected the email and concluded that it is designed to trick recipients into believing they have won a prize (a large sum of money). None of the claims in this email are true, and falling for the scam can lead to monetary loss and identity theft. Recipients should ignore this email to avoid p
After examining this "Payment Released" email, we determined that it is spam. This message requests confirmation of the released payment. The spam email aims to lure recipients into visiting a phishing website targeting account log-in credentials. The spam email with the subject "FW: Payme
Our analysis of the site has shown that it is a crypto scam. Scammers created it to deceive individuals into transferring them cryptocurrency. Victims of such scams usually lose their crypto permanently. It is important to examine crypto-related sites before taking action (e.g., connecting a walle
Interlik.co[.]in is a rogue page discovered by our research team during a routine inspection of untrustworthy websites. Upon examination, we learned that this webpage promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Pages like interlik.co[.]in are m
Our research team found the chobsychontleic.co[.]in rogue page during a routine investigation of dubious websites. It operates by promoting spam browser notifications and redirecting visitors to different (likely untrustworthy/harmful) sites. Most users access pages like chobsychontleic.co[.]in vi
"Claim Fomo" is a scam that impersonates the official website of the fomo application. The imitator page implies an airdrop or something similar. Users who are deceived into connecting their digital wallets to the scam site – inadvertently expose it to a cryptocurrency drainer. IMPORTANT NOT