Sandgerl[.]com is a deceptive website running a pop-up scam. It displays a fake system notification to trick visitors into believing that their devices are compromised (hacked). Our team has discovered sandgerl[.]com while inspecting other pages that use rogue advertising networks (sites that di
Kekware is a piece of malicious software classified as ransomware. It is designed to encrypt data and make ransom demands for the decryption. We obtained a sample of Kekware from VirusTotal and launched it onto our test machine. This ransomware encrypted files and renamed them following this patt
We have examined the onlinenothome[.]com page and learned that it uses a clickbait technique to trick visitors into allowing it to show notifications. It also redirects visitors to a potentially malicious page. Our team has discovered onlinenothome[.]com while inspecting various pages that use rog
Our malware researchers have discovered a new Djvu ransomware variant called Errz. It was found while examining malware samples submitted to the VirusTotal site. Errz is ransomware that encrypts files and appends the ".errz" extension to filenames. It provides a ransom note by creating a text file
Our team has examined this email and concluded that it is a typical lottery scam. Scammers behind it attempt to trick recipients into sending them money (and possibly personal information) by claiming that they have won a lottery. This email is disguised as a Canadian lottery winning notice.
Our researchers found the bluestringline[.]com rogue webpage while inspecting dubious sites. This page is designed to push browser notification spam and redirect visitors to different (likely deceptive/malicious) websites. Most users access sites like bluestringline[.]com via redirects caused by p
While inspecting dubious download websites, we found the Cricket Start browser extension. It promises quick access to Cricket sports results and updates. After analyzing this piece of software, we determined that it operates as a browser hijacker promoting the search.nstart.online fake search engi
Following our inspection of the "World Health Organization Beneficiary" email, we determined that it is spam that operates as a phishing scam. These fake letters attempt to extract recipients' personally identifiable details - by claiming that this information must be provided to receive a huge f
While inspecting dubious download websites, our researchers found the Ultimate Ad Eraser browser extension. This piece of software is promoted as an adblocker - a tool capable of removing and altering online ads. However, after analyzing Ultimate Ad Eraser, we learned that it operates as adware in
Nominatus Ransomware 2 is malware that encrypts files and generates a ransom note (the "NominatusRansomware2Message.txt" file). We have discovered this ransomware while inspecting malware samples submitted to the VirusTotal website. Unlike most ransomware variants, Nominatus Ransomware 2 does not