Hommy is a ransomware-type program that we discovered during a routine inspection of new submissions to the VirusTotal website. Hommy belongs to the Makop ransomware family. It encrypts files, renames them, drops a ransom note ("+README-WARNING+.txt"), and changes the desktop wallpaper. On our te
We have inspected this email and determined that it is a scam. It informs recipients that they have been randomly selected to receive a large number of Tesla (TSLA) shares worth over four million dollars and instructs them to get in touch to claim this prize. This is a classic advance-fee scam des
We have inspected this email and determined that it is a phishing scam impersonating American Express. The message claims that a personal loan worth $18,940.00 has been approved for the recipient, then uses a fake security alert to lure them into clicking a verification link. The scammers behind i
We have examined this email and determined that it is a phishing scam disguised as an internal Human Resources notice about a compensation and benefits review. The included link leads to a fake email account sign-in page designed to steal login credentials. This email should be ignored, as interac
We have inspected rewards-gacha[.]com and found that it promotes a fake $GACHA token airdrop, impersonating the PowerGacha platform (powergacha.io). It is designed to trick visitors into connecting their wallets to "claim" tokens, which can lead to financial losses. IMPORTANT NOTE: We do not
We have inspected the website (vote-getgrass[.]app) and found that it operates as a fake $GRASS rewards voting page. It impersonates the legitimate Grass platform (grass.io) and is designed to trick visitors into connecting their cryptocurrency wallets, which can lead to financial losses. IM
Our researchers discovered the Fusebase Search browser hijacker while inspecting extensions distributed through dedicated download pages. Fusebase Search modifies browser settings so that searches and new tabs are handled by s.fusebase-search.com. This extension is also considered a privacy threa
We inspected Video Search Extension and found that it is a browser hijacker. Once added to a web browser, this extension changes the default search engine to myvideolibrary.info, a fake search engine. Myvideolibrary.info is promoted by multiple hijacker extensions, with Video Library Search being
Easy Login is a browser extension for Google Chrome and other Chromium-based browsers. Our team inspected it after noticing that it is promoted through the loginonlineapp.com website. Based on our findings, Easy Login behaves as a browser hijacker. Although its Chrome Web Store page describes Eas
We have examined the email and concluded that it is a scam. The message is designed to appear as an automated storage warning from an email service provider. The scammers behind it seek to trick unsuspecting recipients into entering their email login credentials on a fraudulent website. This scam