We discovered Uragan during an inspection of malware samples uploaded to VirusTotal and determined that it is ransomware. After execution, Uragan encrypts data and appends the ".uragan" extension to files (e.g., it renames "1.jpg" to "1.jpg.uragan", "2.png" to "2.png.uragan", etc.). It also drops
Privacy Protector is promoted as a tool that automatically blocks web trackers and protects data for secure browsing. However, during our inspection, we noticed that Privacy Protector displays advertisements. Thus, our team classified this extension as adware. Users should avoid adding adware to t
Our inspection of the website (airdrop-ion[.]live) has revealed that it promotes a fraudulent crypto giveaway. The site mimics the appearance of the original Ice Open Network platform (ice.io) to appear legitimate and trick visitors into "participating". Victims of this scam may lose their cryptoc
TrustConnect is a type of malware called a RAT. It is offered as a Malware-as-a-Service (MaaS) and enables cybercriminals to remotely control infected devices. TrustConnect can steal data, take banking info, and even damage files or computers. If detected, this RAT should be removed immediately.
We have reviewed the email and classified it as a phishing attempt. It is disguised as a "final reminder" from the email service provider to trick recipients into following the provided instructions. The scammers behind this scam seek to steal personal information via the provided website (a fake
Our team has inspected the message and concluded that it is written by scammers seeking to trick recipients into believing it is a Shopify notification. This deceptive email urges recipients to use the provided link to update their payment information. The included page is used to steal personal i
Our examination has revealed that this is a fraudulent email made to look like a message from the email service provider. It includes a link that leads to a fake login page and attempts to collect personal information. Scams of this type are classified as phishing attempts. Users should recognize
We have determined that this is a phishing attempt designed to look like an automated notification from the mail delivery system. It includes a deceptive link that leads to a fake email account login website. The purpose of this scam is to trick recipients into revealing personal information.
Our team has found that claims-warsonusd1[.]com is a deceptive website mimicking the original War on USD platform, waronusd1.com. The fake site promotes a "rawards program" to lure users into connecting their wallets. If visitors interact with the site, they may have their cryptocurrency holdings
During our inspection, we found that this is a phishing email designed to appear as a notification from the email service provider. The fraudsters behind it seek to trick recipients into believing they must authenticate their accounts via the provided website. Their goal is to steal personal infor