Our team has become aware of this email after receiving it to our inbox. After analyzing it, we learned that it is a phishing email purporting to be from WeTransfer. Scammers behind it attempt to trick recipients into clicking the provided link and entering their login credentials on a fake WeTran
Discovered on the 14th of March, 2022 - CaddyWiper is a piece of malicious software designed to wipe the data stored on infected devices. The observed geopolitically-motivated attacks targeted specific Ukrainian organizations; these infections are evidently a cyber element of the war in Ukraine.
Safepcsoftwares[.]com is a page that displays fake virus alerts (messages claiming that a computer is infected) and asks for permission to show deceptive notifications. Our team has discovered safepcsoftwares[.]com while examining other pages that use rogue advertising networks (redirect to shady
Datadefenceservice[.]com is a rogue website our research team found while inspecting untrustworthy pages. It operates by loading deceptive material, promoting spam browser notifications, and redirecting visitors to other (likely unreliable/hazardous) sites. Most users enter such webpages via redi
During a routine inspection of rogue websites, our researchers discovered the protectconnection[.]icu site. When we accessed this webpage, we noted that it ran a variant of the "(3) Viruses have been detected on your iPhone" scam. Deceptive content of this type usually lures users into download
We have discovered the defender-scanner[.]com website while examining various illegal streaming, torrent, and similar sites that use questionable advertising networks. We learned that defender-scanner[.]com is a deceptive website used to collect illegitimate commissions. It also asks for permissio
Putinwillburninhell is ransomware that was discovered by MalwareHunterTeam. This piece of malware encrypts files and appends the ".putinwillburninhell" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.putinwillburninhell", "2.png" to "2.png.putinwillburninhell". Also, it cr
News-cihumo[.]cc is a rogue website our researchers discovered while inspecting untrustworthy sites. This page operates by loading questionable content, pushing browser notification spam, and redirecting visitors to other (likely unreliable and harmful) websites. Most users enter webpages like new
Our researchers discovered the cleanHistory browser extension while inspecting dubious download webpages. Following our analysis, we learned that this piece of software operates as a browser hijacker. It modifies browser settings in order to promote the cleanhistory.xyz fake search engine. Additio
MyZen Tab is a browser extension that our researchers discovered while inspecting dubious download webpages. In vague terms, MyZen Tab's promotional material describes it as a new browser tab customization tool. After analyzing this piece of software, we determined that it operates as a browser hi