DIKE is ransomware that cybercriminals use to blackmail victims. It encrypts files and generates "info.hta" and "info.txt" files that contain ransom notes. We have discovered DIKE while checking VirusTotal for submitted malware samples. It was found that DIKE is part of the Phobos ransomware famil
Discovered by our researchers while inspecting untrustworthy websites, allowww[.]com is a rogue webpage. It operates by promoting browser notification spam and redirecting visitors to unreliable/malicious sites. Most users enter allowww[.]com and similar websites inadvertently. Users can access t
Next-message[.]com is an untrustworthy website designed to trick visitors into allowing it to show notifications. It uses a clickbait technique/displays deceptive content to get that permission. Our team has discovered next-message[.]com while inspecting pages that use rogue advertising networks.
Our team has analyzed this email and found that it is disguised as a letter from the email service provider. It contains a hyperlink that opens a phishing website asking to provide login credentials. The purpose of this phishing email is to trick recipients into providing their email account passw
Yoursecuresoft[.]com is a rogue website that promotes deceptive material, pushes browser notification spam, and redirects visitors to other unreliable/malicious sites. Our research team found this page while inspecting shady websites. Most users access yoursecuresoft[.]com and similar webpages vi
Discovered by our research team while inspecting new malware submissions on VirusTotal, 1k3pl is a piece of malicious software categorized as ransomware. After being executed on our test system, 1k3pl began encrypting files and renaming them by appending the filenames with a random character stri
S-400 is the name of a Remote Access Trojan (RAT) that our research team found while inspecting new malware submissions to VirusTotal. Trojans of this type enable stealthy remote access and control over infected devices. RATs typically have a broad range of functionalities that allow them to perfo
Pushbus[.]com is a rogue website our researchers discovered while inspecting suspicious sites. This page promotes browser notification spam by using deception, and it can redirect visitors to other untrustworthy/malicious websites. Most visitors to such webpages enter them via others that use rogu
Forest Start Tabs is a browser hijacker designed to promote foreststarttabs.com - a fake search engine. It hijacks a web browser by changing its settings. Our malware researchers have discovered Forest Start Tabs while examining various deceptive websites and sites that use rogue advertising netwo
"Army of Ukraine need your support" is a scam email our researchers discovered and analyzed. This fake letter urges recipients to donate to the Ukrainian army in their efforts to protect their country's independence. With the onset of war in Ukraine, cyber criminals have taken to abusing these har