We have examined the malware and found it to be ransomware. Our team has discovered Redgov while inspecting malware samples submitted to VirusTotal. Once a system is infiltrated, Redgov encrypts files, appends the ".redgov" extension to files, and drops a ransom note ("!!!_DECRYPT_INFO_!!!.txt").
Our team has examined the malware and concluded that it is ransomware belonging to the Makop family. After execution, Decrypt encrypts files, modifies filenames (by appending the victim's ID and the ".decrypt" extension), changes the desktop wallpaper, and provides a ransom note ("+README-WARNING+
Our analysis has revealed that it is a scam email (a phishing attempt) posing as a security reminder from the email service provider. Scammers use it to steal personal information through a fake website. Recipients of this email should ignore and delete it to avoid the potential outcomes.
Our research team found corphthele[.]com while investigating untrustworthy websites. After inspecting this rogue page, we determined that it promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) sites. Most users access corphthele[.]com and analogous webp
Our inspection of the "Fedex - Incoming Package Notification" email revealed that it is fake. The spam message instructs the recipient to check their delivery address to receive their package. It must be emphasized that this email is not associated with the actual FedEx Corporation. The goal of th
Browsinglive.net is a fake search engine discovered by our research team during the analysis of the Safe Browsing Live browser hijacker. This website cannot provide search results and redirects to genuine Internet search sites. Illegitimate search engines typically collect information about their
Trustedsourcessearch.com is a fake search engine that cannot provide search results and redirects to legitimate Internet search websites. Our researchers discovered this page while investigating the Trusted Sources browser hijacker. This browser extension is advertised as a tool for accessing trus
While browsing suspicious sites, our research team found this fake "ZenChain Rewards" page. It promises BTC (Bitcoin cryptocurrency) rewards. The purpose of this scam is to lure users into exposing their cryptowallets to a cryptocurrency drainer. It must be emphasized that this scam is not associa
Our review of zenithchainedge[.]com shows that it is a deceptive website that relies on clickbait to persuade visitors to enable notifications. Once permission is granted, the site may push intrusive ads, fraudulent offers, and other messages of this kind. Users are advised to avoid zenithchainedg
Our team has inspected the email and concluded that it is a phishing email masquerading as an important message regarding an intercepted money transfer. Typically, emails like this one are used to steal money or information from recipients. This and similar emails should be ignored and deleted.