Yurei is a malicious program classed as ransomware. Malware within this classification is designed to encrypt files and demand ransoms for the decryption. On our testing system, Yurei encrypted files and added a ".Yurei" extension to their filenames. For example, a file originally titled "1.jpg"
Our review of the "Request By Admin Department" email revealed that it is spam. It states that the recipient has been requested to sign the shared Microsoft Excel document. This phishing mail aims to trick recipients into disclosing their email log-in credentials (passwords). This spam ema
After inspecting this "DHL - YOUR PARCEL HAS BEEN DELIVERED" email, we determined that it is fake. This phishing email is presented as a package delivery notification. The goal is to deceive recipients into disclosing their email account log-in credentials. The spam email with the subject
After reviewing this "Renew Your Webmail Access" email, we determined that it is spam. This message alerts the recipient that their Webmail version is due to expire soon, so they are urged to renew it to avoid service interruptions. The goal of this phishing campaign is to deceive users into discl
Our research team discovered the logratiousity[.]com rogue page while investigating suspect websites. After examining this webpage, we learned that it promotes browser notification spam and generates redirects to different (likely unreliable/harmful) sites. Most visitors to logratiousity[.]com and
EXTEN is a ransomware-type program discovered by our researchers during a routine inspection of new file submissions to the VirusTotal site. Ransomware operates by encrypting data in order to demand ransoms for its decryption. On our testing system, EXTEN encrypted files and added a ".EXTEN" exte
Korvixnaro.co[.]in is a rogue webpage designed to endorse spam browser notifications and redirect users to other (likely untrustworthy/dangerous) sites. The majority of visitors to korvixnaro.co[.]in and similar pages access them through redirects produced by websites utilizing rogue advertising
Our research team found this fake "Nano Ethereum (NanoETH) Staking" page during a routine investigation of suspicious websites. It promises eligible users entry to an ongoing staking round. This scam operates as a crypto drainer, i.e., by stealing funds from exposed wallets. IMPORTANT NOTE:
Upon inspecting this "Action Required On Your Email Account" message, we determined that it is spam. This email states that the recipient's provider is implementing an update to the email service to improve its reliability and security. The spam campaign aims to deceive recipients into disclosing
While investigating suspect sites, our research team discovered this fake "Troll Coin" website (claim-trololol[.]io; possibly other domains). The page imitates the official site of the TROLL memecoin (troll.run). This scam aims to deceive users into exposing their digital wallets to a cryptocurren