AtlasCross is a Remote Access Trojan (RAT) that lets attackers secretly control a victim's computer. It is known that cybercriminals target mainly Chinese-speaking users and use fake download websites for popular apps to distribute the RAT. AtlasCross is also designed to avoid detection. C
During our inspection, we discovered that hyperswaps-voting-com.pages[.]dev is a deceptive website designed to promote a fake cryptocurrency giveaway. If unsuspecting visitors follow the site's instructions, they risk losing their cryptocurrency holdings. This fake giveaway should be avoided.
Our team has examined the message and concluded that it is a fake "suspension notification" designed to trick recipients into opening a fraudulent login site. That page is used to steal personal information. Emails of this type are classified as phishing attempts. They should be recognized as igno
We have analyzed podomming[.]com and found that it uses a clickbait tactic to trick users into allowing notifications. After permission is granted, it may be misused to push scams and other unwanted content. It is best not to trust websites like podomming[.]com and to exit them if they are encount
NBLock is ransomware that we have discovered during our routine examination of samples uploaded to VirusTotal. This ransomware encrypts files and appends its extension (".NBLock") to them. In addition to locking files, NBLock changes the desktop wallpaper and drops a ransom note ("README_NBLOCK.tx
We have checked panneyess[.]com and found it uses clickbait to mislead visitors into enabling notifications. Once granted, this permission can be abused to deliver scams and other unwanted content. It is strongly recommended to avoid trusting sites like panneyess[.]com and close them if visited.
We have reviewed pocamish[.]com and found that it uses clickbait to trick visitors into allowing it to display notifications. When unreliable websites have this permission, they exploit it to push scams and similar content. It is highly advisable not to trust websites like pocamish[.]com to avoid
We have inspected the page (fort2026[.]com) and concluded that it is a scam. The site offers users to receive information about the price of their Fortnite inventory. However, its real purpose is to steal personal information that can be used to hijack accounts. Thus, this site should be avoided a
Our examination shows that orionnero.co[.]in is designed to display a deceptive message to persuade visitors to enable its notifications. If the instructions are followed, the site gains permission to send notifications to the device, which may then be used to push potentially harmful content (e.g
TorBrowserTor is ransomware that we have discovered while analyzing malware samples uploaded to VirusTotal. Once executed, TorBrowserTor encrypts files and appends the ".torbrowsertor" extension to files (e.g., renames "1.jpg" to "1.jpg.torbrowsertor", "2.png" to "2.png.torbrowsertor", etc.). It a