Our discovery of Gnsyihong occurred during an inspection of malware samples submitted to VirusTotal. We found that Gnsyihong is ransomware that encrypts files and appends the victim's ID and ".gnsyihong" to them. It also drops the "README.TXT" file containing a ransom note. Gnsyihong is identical
The "Claim KAITO" scam imitates the Kaito AI platform (kaito.ai). It entices users to expose their digital wallets to a cryptocurrency drainer by promoting a fraudulent KAITO token airdrop. Victims of this scam have their digital assets siphoned from their wallets – thus, they can experience a sig
After examining this "LinkedIn Message Notification" email, we determined that it is fake. It is presented as a notification concerning a LinkedIn message about a potential purchase. This email promotes a phishing website that targets email account log-in credentials (passwords). This spam
Upon reading this "United Nations - Scam Victim Compensation" email, we determined that it is spam. This is a phishing scam that targets recipients' personal information by claiming that they will be reimbursed nine hundred thousand USD from a fund for scam victims. It must be emphasized that thi
While examining questionable reputation websites, our researchers found the apptrue[.]monster rogue page. Upon inspection, we learned that it promotes deceptive content and browser notification spam. This webpage can also produce redirects to other (likely untrustworthy/hazardous) sites. Most vis
Our analysis of the site has shown that it is a fraudulent web page that uses fear tactics to promote a computer security solution. While such websites can promote legitimate products and services, their methods are not legitimate. Thus, users are advised to ignore them and close such sites if the
Our research team discovered this fake "Claim Kaspa" webpage while investigating suspicious sites. The lure is an unclaimed token airdrop, and those who attempt to participate – expose their cryptowallets to a cryptocurrency drainer. It must be emphasized that this scam is in no way associated wit
We have examined ficullbele.co[.]in and discovered that it uses a deceptive method to trick visitors into granting it permission to send notifications to their devices. If allowed, ficullbele.co[.]in can show notifications designed to promote unreliable websites, including various scams. Thus, fic
Our analysis of the email has shown that it contains a fake notification regarding an email account update. It is crafted to lure unsuspecting recipients into opening a fake web page and disclosing personal information. Such scams are known as phishing attempts, and they should be ignored to avoid
Krypt is a ransomware-type program that encrypts data and demands a ransom for its decryption. Files encrypted by Krypt have their names altered. Original filenames are changed to a random character string and appended with a ".helpo" extension; for example, a file titled "1.jpg" on our test machi