Our team discovered that bacysobste[.]com tries to trick visitors into agreeing to receive its notifications. Once permission is given, the site can deliver deceptive alerts that may direct users to shady websites. It is advisable to avoid this site and close it immediately if you encounter it.
Our discovery of KREMLIN occured during an inspection of samples uploaded to VirusTotal. Upon testing the malware, we found that it is ransomware. KREMLIN is designed to encrypt files and append the ".KREMLIN" extension to them. It also creates a text file ("README.txt") containing a ransom note.
Our researchers found cousicyl[.]com while investigating untrustworthy websites. Upon examination, we determined that this rogue page endorses spam browser notifications and redirects users to other (likely dubious/dangerous) sites. Cousicyl[.]com and analogous webpages are primarily accessed thr
While browsing suspect sites, our research team discovered the clonexvoro.co[.]in rogue webpage. Upon inspection, we learned that it endorses browser notification spam and produces redirects to different (likely untrustworthy/dangerous) websites. Most visitors to pages like clonexvoro.co[.]in acce
Achabaritic.co[.]in is a rogue page promoting browser notification spam and redirecting visitors to other (likely untrustworthy and/or malicious) websites. Our researchers discovered this webpage while investigating sites that use rogue advertising networks. In fact, most visitors to pages like a
Our research team found the RestoreMyData ransomware during a routine review of new malware submissions to the VirusTotal website. Programs within the ransomware classification encrypt data and demand payment for its decryption. On our test machine, RestoreMyData encrypted files and appended thei
Our inspection of the "RITCHMEN (S) PTE LTD" email revealed that it is spam. This message claims that the recipient has been sent an invoice and is requested to confirm the payment. It must be emphasized that this spam campaign is not associated with any legitimate entities. This email aims to lur
Our researchers discovered the Level ransomware while browsing new submissions to VirusTotal. This program is part of the Babuk ransomware family. Ransomware operates by encrypting data and demanding ransoms for the decryption. On our testing system, Level encrypted files and added a ".level" ext
Our team found that axishankylic[.]com attempts to deceive users into allowing it to show notifications. After gaining permission, it can push misleading alerts that lead to questionable and potentially malicious sites. Users should avoid axishankylic[.]co and close it immediately if they land on
During a routine investigation, we found the search-redirect.com fake search engine. Usually, websites of this kind cannot provide search results and redirect to legitimate Internet search sites. Search engines like search-redirect.com are commonly promoted (via redirects) by browser hijackers.