Our team has reviewed the email and found it to be a phishing attempt. This is a scam email disguised as an important notification from the email service provider. Fraudsters behind it seek to lure recipients into a fake website. Their goal is to steal personal information through that deceptive s
We have analysed the email and found it to be a fake message from Truist Bank. The scammers behind this fraudulent email aim to trick recipients into opening the included link, which leads to a fake login page. That page is used to steal personal information. Recipients should not trust this email
Our discovery of Ransoomed occurred while examining samples uploaded to VirusTotal. We have tested the malware and found that it is ransomware designed to block access to files by encrypting them. Also, Ransoomed appends its extension (".ransoomed") to files. For example, it renames "1.jpg" to "1.
Our examination has revealed that this is a phishing email presented as a system update notification from the email service provider. The scammers behind this fraudulent email aim to steal personal information via a fake login website. This scam email should be ignored to avoid the associated risk
EagleLocker is ransomware that our team has discovered during a routine inspection of samples uploaded to VirusTotal. Once executed, EagleLocker encrypts files and appends the ".daibang" extension. Also, it displays a pop-up containing a ransom note and changes the desktop wallpaper. An example o
We have reviewed the email and found it to be a phishing attempt. The message is disguised as a notification from the email service provider. Its purpose is to trick recipients into opening the provided website and entering personal information on it. Recipients should ignore this fraudulent email
ICanFix is ransomware that our team has discovered while examining malware samples submitted to VirusTotal. Our analysis shows that ICanFix is part of the MedusaLocker family and is designed to encrypt files, append the ".icanfix" extension to files, drop a ransom note ("READ_NOTE.html"), and chan
During our inspection, we discovered that this website (event-tulsa[.]fun) is a fraudulent copy of the original Black WallStreet page (black-wallstreet.netlify.app). Its purpose is to deceive visitors into believing that they can receive cryptocurrency through a giveaway. However, this airdrop is
Our researchers have discovered Cdd while inspecting samples uploaded to VirusTotal. Cdd is ransomware belonging to the Makop family. After execution, the ransomware encrypts files, provides a ransom note ("+README-WARNING+.txt"), and changes the desktop wallpaper. Cdd also renames files by appen
Our team has analysed the page (event-pyra[.]fun) and concluded that it imitates the original PYRA website, pyrachain.io. The fake site promotes a fake cryptocurrency giveaway, an airdrop to lure visitors into taking steps that could lead to permanent cryptocurrency loss. Thus, it is highly advisa