"Important: You have 19 Pending incoming email(s)" is the title of a scam email. This message warns recipients that certain emails will be deleted due to a server error, unless they update their email servers. In fact, the link in the message redirects to a phishing website hosted by the Googleapi
TroyStealer is malicious software designed to steal information. This stealer has been observed being distributed via spam email campaigns. The deceptive messages spreading this malware were targeted at Portuguese users. The researched email variant was presented as a notification of a declined p
When opened, cooperativasantamargherita[.]com redirects visitors to other bogus web pages or displays dubious content. This is a rogue website, which operates in a similar way to sabs-news[.]info, pushcleansystem[.]com, checkvd[.]com, and many others. Typically, sites such as cooperativasantamarg
ESCAL was discovered by Ravi. This ransomware prevents victims from accessing/using their files by encryption. It renames them and drops the "!!_FILES_ENCRYPTED_.txt" text file (ransom message) in every folder that contains encrypted files. ESCAL renames files by appending the ".ESCAL-p9yqoly" ext
Discovered by Jakub Kroustek, HCK is a malicious program belonging to the Dharma ransomware family. System infected with this malware experience data encryption and users receive random demands for decryption. During the encryption process, all affected files are renamed following this pattern: o
seamletneds[.]club operates in a similar manner to sabs-news[.]info, pushcleansystem[.]com, checkvd[.]com, and many other websites - it redirects visitors to various other untrusted web pages or displays dubious content. Generally, users do not visit these sites intentionally - seamletneds[.]club
click-to-win-prize[.]com is one of many untrusted websites that redirect visitors to other web pages of this kind, or load dubious content. Some examples of similar sites are sabs-news[.]info, pushcleansystem[.]com and checkvd[.]com. Users do not often visit these pages intentionally - in most ca
The "National Bank of Greece" email is a deceptive message distributed in large numbers via operations called "spam campaigns". These particular scam emails target Greek users. The messages supposedly concern bank transfer proposals and have a transaction receipt attached to them, however, upon o
Discovered by Jakub Kroustek, this ransomware is a part of the Dharma ransomware family. It is designed to encrypt victims' files, change the filenames, and provide instructions about how to contact the developers. It renames encrypted files by adding the victim's ID, hlpp@protonmail.ch email addr
Nypd belongs to the Djvu ransomware family. Like most ransomware-type programs, it encrypts files, changes their filenames by appending an extension, and creates a ransom message that contains instructions about how to contact the developers. Nypd appends the ".nypd" extension to files. For examp