PLU is ransomware that our team discovered while checking samples recently uploaded to the VirusTotal platform. Upon infiltration, PLU encrypts files and changes their filenames. It also drops a ransom note ("IMPORTANT.txt") and changes the desktop wallpaper. An example of how PLU renames files:
We have inspected the email and concluded that its purpose is to deceive recipients into transferring money to scammers (e.g., paying for fake services) and (or) disclosing personal information. Scammers disguised this fraudulent message as a winning notification to lure unsuspecting recipients. T
Resdfirewall.co[.]in is a rogue page discovered by our researchers during a routine investigation of suspicious websites. This webpage promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Most visitors to pages like resdfirewall.co[.]in enter them throu
"Choose Your Chrome Tools" is a piece of unwanted software endorsed as a browser extension management tool. It supposedly allows users to customize what extensions are active on which websites. Instead, the Choose Your Chrome Tools extension can make changes to browser appearance and behavior, as
While investigating suspicious sites, our researchers discovered the "Browser WatchDog for Chrome" unwanted browser extension. It is promoted as a tool for improving the browsing experience by removing undesirable/dangerous extensions. Browser WatchDog for Chrome collects sensitive browsing data a
Browser Checkup for Chrome by Doctor is a browser extension that claims to enhance browser speed and eliminate "freezing" issues by removing "parasitic" extensions. Instead of delivering the functionality, this piece of unwanted software spies on users' browsing activity and can change browser app
Our inspection of the email has uncovered that it is a typical romance scam. Fraudsters behind such schemes usually aim to exploit the victim financially. Scammers can also use such emails to trick individuals into disclosing personal information. This and similar emails should be ignored to avoid
We have inspected the email and discovered that it is a phishing email designed to trick visitors into opening a deceptive website. Once on the site, potential victims are requested to take actions that can lead to cryptocurrency theft. Thus, this and similar emails should be ignored. This
We have inspected appglobal[.]monster and found that it is an unreliable web page that can deliver deceptive notifications if permission is granted. Also, appglobal[.]monster is used to distribute an unreliable application that contains malicious elements. Thus, users should avoid visiting appglob
Our analysis of progresstransit.co[.]in has shown that the site uses clickbait to lure visitors into agreeing to get notifications from it. Once permission is given, progresstransit.co[.]in can send deceptive notifications to promote other shady pages. Thus, users should not trust progresstransit.