During a routine inspection of rogue websites, our research team discovered gr4phic-4rt[.]xyz - a page designed to host deceptive content, push browser notification spam, and redirect visitors to other untrustworthy/malicious sites. Most users enter webpages of this kind via redirects caused by si
Our malware researchers have discovered the Cantopen ransomware while checking the samples submitted to VirusTotal. After analyzing this ransomware, we have learned that it appends the ".cantopen" extension to filenames of all encrypted files and creates the "HELP_DECRYPT_YOUR_FILES.txt" text file
News-heceye[.]cc is a rogue website our researchers discovered while inspecting untrustworthy pages. This webpage is designed to load questionable material, promote browser notification spam, and redirect visitors to other unreliable/malicious sites. Most visitors to news-heceye[.]cc and similar
We have discovered the system-dating[.]top site after receiving a shady email. Our team has examined system-dating[.]top and found that it is designed to trick visitors into agreeing to receive notifications. Additionally, it can open adult pages and other potentially malicious sites. Syst
Discovered during a routine inspection of VirusTotal submissions, Tor is a ransomware-type program. Our researchers have determined that it belongs to the Paradise malware family. Once launched on our test system, Tor began encrypting files and appending their filenames with a "_decryptor_{victim
We have examined this email and found that it is disguised as a letter from an unspecified bank regarding changes in bank account information. It also has a malicious archive file attached to it. After examining the attachment, we learned that it is used to trick recipients into executing NanoCore
LauncherRecord is yet another adware-type application belonging to the AdLoad malware family, which our researchers discovered while inspecting new submissions to VirusTotal. This app is designed to run intrusive advertisement campaigns, and it may have other harmful abilities. Following
Safetyfirst[.]cfd is a deceptive website designed to trick visitors into believing that their computers are at risk/infected with viruses and agreeing to receive notifications. We discovered safetyfirst[.]cfd while examining pages (such as torrent sites and illegal movie streaming sites) that use
Our team has discovered the OriginInput while examining shady websites that display deceptive content to trick visitors into downloading questionable applications. After installation, OriginInput started to display unwanted advertisements. Thus, we have concluded that OriginInput is typical adwa
"I have been watching you" is a spam email our researchers have classified as a sextortion scam. This letter falsely claims that there is proof of the recipient's infidelity and threatens to leak it - unless a payment is made. It must be emphasized that this mail is merely a scam, and none of its