cncode[.]pw is a website URL that is injected alongside malicious code into visited websites by installed Potentially Unwanted Applications (PUAs). When the software responsible has infiltrated the system, it spontaneously force-opens various untrusted and dangerous sites. The pages are opened vi
"MOBI GRAND TELECOM Lottery" refers to a spam campaign, a large-scale operation during which thousands of deceptive emails are sent. These scam emails claim that recipients have won the "MOBI GRAND TELECOM" lottery, which is actually bogus. This spam campaign operates as a phishing scam. I.e., it
Jessy is a type of malware that encrypts files and then demands payment to decrypt them (it displays a pop-up window and creates the "FILES ENCRYPTED.txt" file as its ransom messages). Jessy also renames each encrypted file by adding the victim's ID, jessymail26@aol.com email address, and appendi
In most cases cyber, criminals behind phishing emails such as this attempt to obtain sensitive information including login credentials (passwords, emails, etc.), credit card details and other details, which could be misused for malicious purposes. In this particular case, scammers attempt to dece
Belonging to the Dharma ransomware family, ROG is a malicious program designed to encrypt data and demand ransoms for decryption. I.e., this malware renders files inaccessible and demands payment to recover access to the affected data. During the encryption process, files are renamed following th
Typically, users do not visit web pages such as destinynewyorks[.]co intentionally - they are promoted through potentially unwanted applications (PUAs), dubious advertisements, and other untrusted websites. There are many pages similar to destinynewyorks[.]co on the web. Some examples are very-im
"Clustered e-mails pending" is an excerpt from scam emails, which serves as the title for the spam campaign distributing these messages. The deceptive emails claim that recipients have messages waiting to be delivered into their inboxes. Note that the information provided by "clustered e-mails pen
very-important[.]online is a rogue website, which operates by presenting visitors with dubious material and redirecting them to other untrusted/malicious sites. Users rarely access pages such as very-important[.]online intentionally - most are redirected to them by intrusive ads or installed Poten
Perfection is malware that is used to extort money from victims. Like most ransomware variants, Perfection encrypts files and keeps them inaccessible, encouraging victims to recover them with decryption software that can only be purchased from the attackers. This ransomware appends the ".perfecti
Sandboxtest is a malicious program, which is part of the Xorist ransomware family. It is designed to encrypt data and demand payment for decryption. I.e., the files stored on the compromised system are rendered inaccessible and the victims are presented with ransom demands to restore them. When t