FunkLocker, also known as FunkSec, is a ransomware-type program. It operates by encrypting files and demanding ransoms for the decryption. After we executed a sample of FunkLocker (FunkSec) ransomware on our test machine, it encrypted files and appended their names with a ".funksec" extension. To
Our investigation of bridgeconnection.co[.]in revealed that it uses clickbait to gain permission to show notifications. Once granted, the site can display misleading notifications that redirect users to unreliable websites. As a result, it is best to avoid bridgeconnection.co[.]in to protect yours
BasicLocator is an adware-type app that our researchers discovered while browsing new submissions to the VirusTotal website. Upon investigation, we learned that BasicLocator is part of the AdLoad malware family. Advertising-supported software is designed to generate revenue for its developers/pu
After inspecting the email, we found that it was sent by scammers impersonating Cryptopia. The goal of this scam email is to trick recipients into providing personal information through a fake website. Such emails are known as phishing emails. Recipients should be able to recognize them and should
After examining this "eBucks Rewards" email, we determined that it is fake. This spam message promotes a phishing website, which the recipients are lured into visiting through claims of unredeemed eBucks rewards. It must be emphasized that the information in this email is false, and this mail is
After inspecting the email, we determined it to be a phishing attempt disguised as a quote inquiry. It contains a link to a fraudulent webpage where recipients are asked to provide personal information. These types of emails should be ignored to prevent any potential risks. The phishing em
During our analysis of gapconnectionbridge.co[.]in, we discovered that it uses clickbait to obtain permission to send notifications. Once permitted, gapconnectionbridge.co[.]in can show deceptive notifications to trick users into opening untrustworthy websites. Therefore, gapconnectionbridge.co[.]
Our team has examined topgreenview.com and found that it is a fake search engine promoted through an extension (Top Green Search) designed to hijack web browsers. This extension changes the settings of a web browser to promote topgreenview.com. topgreenview.com is a fake search engine because it d
During our examination of QuickSeek, we learned that this extension operates as a browser hijacker. It hijacks a web browser to promote guardflares.com. Additionally, QuickSeek enables the "Managed by your organization" setting. Users are advised not to trust QuickSeek and remove it if it is alrea
Our team discovered YE1337 ransomware during an inspection of samples uploaded to VirusTotal. Once executed, YE1337 encrypts files and appends its extension (".YE1337"). It also drops a ransom note ("YE1337_read_me.txt") and changes the victim's desktop wallpaper. An example of how files encrypte