Our research team discovered the QQ ransomware while inspecting new file submissions to the VirusTotal site. Malicious programs within this category encrypt data and demand ransoms for its decryption. After we executed a sample of this ransomware on our test machine, it encrypted files and append
We have examined the site and concluded that it hosts a pop-up scam. This scam involves a fake McAfee warning regarding computer security. Typically, scammers behind such schemes aim to collect illegitimate commissions or steal personal information or money. Thus, it is highly advisable to ignore
While investigating deceptive sites, our research team found the "DeepSeek Crypto Giveaway" scam. This fake giveaway promises twice the return on Bitcoin, Ethereum, and Solana cryptocurrency or DeepSeek tokens contributed. Instead of receiving any amount, victims lose all that they transfer to the
DeepSeek For YouTube is promoted as a tool that quickly provides concise summaries of YouTube videos, allowing users to grasp the content in seconds. However, our analysis has shown that DeepSeek For YouTube is a browser extension that can show unwanted advertisements. Thus, we classified it as ad
Our analysis of BlackHeart has shown that this is ransomware belonging to the MedusaLocker family. Upon execution, BlackHeart encrypts data and appends the ".blackheart138" extension to files (e.g., renames "1.jpg" to "1.jpg.blackheart138", "2.png" to "2.png.blackheart138", etc.). It also drops a
We have inspected basicnetworkchain[.]com and learned that hosts the "You've visited illegal infected website" scam. Also, the page requests permission to show notifications and, if allowed, it bombards users with more deceptive content. Thus, it is highly dvisable to avoid visiting basicnetworkch
Parthonylogles[.]com is a rogue webpage discovered by our researchers during a routine inspection of dubious sites. Upon examination, we determined that this page endorses browser notification spam and redirects visitors to other (likely suspicious/dangerous) websites. Most users enter parthonylo
Netlify.app is a domain owned by Netlify - a legitimate Web hosting service that has been observed being abused by cyber criminals to host deceptive and possibly malicious content. Our researchers discovered one such page – glistening-haupia-e37bbf.netlify[.]app – while browsing suspicious website
Our researchers discovered the Omega Ad Blocker rogue browser extension while investigating suspicious websites. Although this extension is endorsed as an advertisement-blocking tool, it operates as adware – by displaying ads and collecting sensitive user information. Adware stands for adv
After inspecting this "Capital One - Card Restricted" email, we learned that it is fake. This fraudulent alert notifies the recipient of a secure message sent to them from the "Capital One Fraud Department". The goal is to trick recipients into visiting a phishing website disguised as a Capital On