Our research team found the news-rosuco[.]cc rogue page while investigating suspicious websites. After inspecting this webpage, we learned that it promotes browser notification spam and redirects visitors to other (likely unreliable/harmful) sites. News-rosuco[.]cc and analogous pages are primaril
After reviewing this "Repair And Protection" email, we determined that it is spam. It claims that the recipient's email account has been restricted. The purpose of this spam campaign is to trick victims into revealing their account log-in credentials to a phishing website. This spam email
Our researchers discovered this fake "Barking Puppy ($BP)" airdrop while browsing untrustworthy sites. The scam claims that eligible users can participate in this supposed airdrop. The goal is to lure victims into exposing their digital wallets to a cryptocurrency drainer – a mechanism that steals
Our inspection of the "CIMB Bank - Transfer To Your Account" email revealed that it is spam. This message states that a transfer request has been submitted for processing. The goal of this phishing campaign is to steal victims' email passwords. It must be emphasized that this message is not associ
Our researchers discovered Dexter ransomware during a routine review of new file submissions to the VirusTotal platform. This malware is designed to encrypt data and demand ransoms for the decryption. After we launched this sample on our testing system, Dexter encrypted files and renamed them by
After examining the website (events-p0[.]fun), we determined that it is fraudulent. It misleadingly promises visitors the chance to participate in a cryptocurrency airdrop. The cybercriminals who created this scam are attempting to steal funds from victims' crypto wallets, so interacting with the
Hope (Flash) is a ransomware-type program discovered by our researchers during a routine inspection of new submissions to the VirusTotal website. Malware of this kind encrypts data and demands payment for its decryption. On our test machine, this ransomware encrypted files and renamed them follow
Green Blood is ransomware that we have discovered during our inspection of malware samples uploaded to VirusTotal. Once a system is infected, Green Blood encrypts files and appends the ".tgbg" extension to them (e.g., it renames "1.jpg" to "1.jpg.tgbg", "2.png" to "2.png.tgbg", and so forth). The
We have discovered PurpleCrypt0r while examining samples submitted to VirusTotal. Our analysis shows that PurpleCrypt0r is ransomware that encrypts files, appends the ".purple" extension to files, changes the desktop wallpaper, and creates the "readme.txt" file (a ransom note). An example of how
We reviewed the website (zrealsupercoin[.]live) and found that it is a scam. It falsely claims that visitors can join a cryptocurrency airdrop. The fraudsters behind it are trying to steal funds from crypto wallets, so engaging with this site could lead to serious financial loss. IMPORTANT N