Our researchers discovered the Tiger ransomware during a routine inspection of new submissions to the VirusTotal website. This malicious program is part of the GlobeImposter ransomware family. On our test machine, Tiger encrypted files and appended their filenames with a ".Tiger4444" extension. T
Our researchers found this ransomware – Cybertron – while inspecting new submissions to the VirusTotal platform. This program belongs to the MedusaLocker ransomware family. Cybertron is designed to encrypt files and demand ransoms for the decryption. After we executed a sample of this ransomware
While investigating suspicious websites, our researchers found the glspromo[.]com rogue webpage. It operates by promoting spam browser notifications and redirecting visitors to other (likely dubious/dangerous) pages. Glspromo[.]com and analogous webpages are primarily accessed through redirects ge
We have examined the email and concluded that it is disguised as a notice of irregularity from the "Air Transport Association". The scammers behind it likely seek to trick recipients into disclosing personal information or transferring money (paying for fake services). This email should be ignored
Goinroads[.]com is a rogue website intended to trick users into receiving browser notification spam. It can also produce redirects to other (likely untrustworthy/dangerous) sites. Most visitors to goinroads[.]com and analogous pages access them through redirects generated by websites employing ro
During our examination, we found that goldengrinder[.]top is designed to trick visitors into agreeing to receive notifications. If permitted, goldengrinder[.]top can display fake warnings and similar messages. These notifications can direct users to untrustworthy web pages. Thus, goldengrinder[.]t
Our inspection of the "Account Validation Request" email revealed that it is spam. This message informs that several emails failed to reach the inbox, and the recipient is instructed to validate their account. This spam mail aims to trick recipients into exposing their email account log-in credent
DoubleTrouble is a banking Trojan targeting Android users. It is capable of stealing various information using different techniques. DoubleTrouble was initially spread via phishing sites mimicking major European banks, but now is delivered using fake websites hosting malware directly on Discord ch
While inspecting suspicious sites, our research team discovered this fake "Centric" website. It imitates the official site of the Centric dual-token cryptocurrency (centric.com). The purpose of this scam is to trick users into exposing their digital wallets to a cryptocurrency drainer. IMPOR
During our examination of claim.naoriprotocol[.]xyz, we found that it is a fraudulent website. It mimics the original Naoris Protocol website (naorisprotocol.com) to trick visitors into connecting their wallets. The ultimate goal is to steal cryptocurrency from users. IMPORTANT NOTE: We do n