Window-save[.]com is a deceptive page running the "You've Visited Illegal Infected Website" scam and asking for permission to deliver notifications. We have discovered it while examining other sites that use rogue advertising networks. Websites like window-save[.]com can never be trusted and shoul
Noctua is a ransomware variant belonging to the Makop ransomware family. Our team has discovered this variant during the analysis of malware samples submitted to VirusTotal. It was found that Noctua encrypts files and appends a string of random characters, the noctua0302@goat.si email address, and
"Your phone is severly damaged by viruses" is a scam that our research team discovered while inspecting rogue websites. It claims that the visitor's mobile device has suffered damage from viruses and urges them to renew their McAfee anti-virus subscription. It must be emphasized that all these cl
We have discovered the womenlifewellness[.]com page during the analysis of various torrent pages, illegal movie steaming, and other sites that use shady advertising networks. It is an untrustworthy page that runs some health fraud scam and asks for permission to show notifications. The cre
Our team has analyzed this email and found that it is a fake email notification from Tinder claiming that someone has matched with you. It is worth mentioning that Tinder actually sends such notifications to its users. However, this one is sent by scammers who attempt to trick users into opening a
Our malware researchers have discovered a new Djvu ransomware variant called Tuid (it was found while checking malware samples submitted to the VirusTotal page). This variant encrypts files, appends the ".tuid" extension to filenames, and creates a ransom note (it generates a text file named "_rea
Putin_Huilo_NoWar is ransomware that our team has discovered while checking the VirusTotal page for submitted malware samples. While analyzing this ransomware, we noticed that it did not encrypt our files (but may encrypt files stored on other computers). Also, Putin_Huilo_NoWar displayed a pop-up
After analyzing this email scam, we concluded that it is a phishing email used to steal sensitive information. Scammers behind it pretend to be the Binance team. Their goal is to trick users into believing that they can receive 0.10 BNB tokens for linking their wallet with a Binance account via th
It is a phishing scam used to trick unsuspecting users into providing credit card details. Scammers use a deceptive website disguised as the official Apple page to extract information. That site is promoted using other pages that use rogue advertising networks and mobile text messages (smishing
Our team has analyzed this email and found that it is disguised as a letter from a bank called Raiffeisen (a legitimate banking company). It is written in the Czech language and contains a website link. Scammers behind it attempt to trick recipients into providing sensitive information on a decept