We have run the malware on our testing device and found that Kron is ransomware. Once executed, it encrypts files and appends the ".Kron" extension to them. Also, it drops a ransom note, a text file named "R3ADM3.txt". An example of how files encrypted by Kron are renamed: "1.jpg" is changed to "1
Our team has inspected okeluvilighan.co[.]in and found that it uses clickbait to get permission to send notifications. If users agree to get those notifications, the site can bombard them with unwanted ads, bogus warnings, and similar messages containing links to potentially malicious pages. Thus,
While investigating dubious websites, our researchers discovered millyspheneiver[.]com. This rogue webpage promotes spam browser notifications and produces redirects to other (likely suspicious/harmful) sites. Most visitors access pages like millyspheneiver[.]com via redirects generated by sites t
Our research team discovered the kexornero.co[.]in rogue page while browsing untrustworthy websites. This webpage is designed to promote browser notification spam and redirect users to different (likely unreliable/dangerous) sites. Kexornero.co[.]in and similar pages are most commonly accessed thr
Demonthopeerif[.]com is a rogue webpage discovered by our researchers during a routine investigation. Upon examining this page, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/hazardous) sites. The majority of visitors to demonthopeerif[.]
Our research team discovered the britageens[.]com rogue page while browsing suspicious websites. Upon examination, we determined that it promotes spam browser notifications and generates redirects to different (likely unreliable/hazardous) sites. Britageens[.]com and similar webpages are primarily
After examining this "Management Shared A File With You" email, we learned that it is spam. This message claims that the recipient's management has shared with them a document. The goal is to lure them into a phishing website targeting email account log-in credentials. The spam email with
Our research team found the HYFBTCLOCKER ransomware during a routine inspection of new file submissions to the VirusTotal site. It operates by encrypting victims' data and creating a ransom-demanding message. After we executed a sample of HYFBTCLOCKER on our test system, it encrypted files and ad
Our research team discovered this fake "RizzmasCTO" airdrop during a routine investigation. This bogus giveaway operates as a cryptocurrency drainer – by draining funds from exposed cryptowallets. It must be emphasized that this scam is not associated with any existing projects, platforms, or enti
We have inspected maciboherrilon[.]com and found that this website uses clickbait to obtain permission to send notifications. If visitors agree to receive those notifications, they can be exposed to scams and other threats. Typically, sites like maciboherrilon[.]com send fake warnings and other mi