While inspecting new malware submissions to the VirusTotal platform, our research team discovered the GOTHAM ransomware. This malicious program is part of the GlobeImposter ransomware family. This malware encrypts victims' data and demands they pay a ransom to decrypt it. On our testing system, G
While investigating suspicious websites, our research team discovered this "Search by image on Aliexpress" browser extension. It promises to allow users to perform image searches on the AliExpress e-commerce platform. Upon analysis, we determined that this extension operates as adware. Adw
Our team has reviewed this site (strszn-allocations[.]xyz) and concluded that it is a scam. On this site, users are offered the opportunity to participate in a cryptocurrency airdrop. The true intention is not to give away crypto, but to steal it from unsuspecting individuals. Thus, this page shou
While inspecting dubious websites, our research team found the spanchainedge[.]com rogue webpage. Our inspection revealed that this page promotes browser notification spam and redirects visitors to other (likely untrustworthy/dangerous) sites. Spanchainedge[.]com and analogous webpages are most co
Phelitic[.]com is a rogue webpage discovered by our researchers during a routine inspection of untrustworthy sites. After examining this page, we learned that it endorses spam browser notifications and generates redirects to different (likely unreliable/harmful) sites. The majority of visitors to
We have checked myositentrous[.]com and concluded that it is created to trick visitors into allowing it to show notifications by using a misleading method known as clickbait. After the site is permitted to send notifications, it can deliver fake alerts and similar messages to promote other web pag
Our findings are that this website uses a deceptive technique to trick visitors into allowing notifications. If permission is given, perundol.co[.]in can bombard users with misleading warnings and similar messages containing links to potentially harmful websites. It is strongly recommended to avoi
Our analysis of claim-redstonefi[.]com revealed that it impersonates the official RedStone website (redstone.finance) to deceive visitors. On this fake site, users are instructed to connect their wallets, which activates a malicious tool capable of stealing cryptocurrency. IMPORTANT NOTE: We
During our analysis of easy-search.pro, we found that it is a fake search engine promoted through a browser hijacker called Easy Search. Using easy-search.pro and Easy Search can expose users to privacy risks and other issues. Thus, it is advisable to avoid using them and remove them if they are a
Our team has inspected the email and determined that it is a scam email (a phishing attempt) disguised as a mail delivery status notification. It contains a link to a deceptive web page designed to extract personal information. Such emails should be identified as fraudulent and ignored. Th