We have inspected the website (clear-sign-ledger-activation[.]com) and found that it imitates the real page (ledger.com) to trick unsuspecting users into revealing their recovery phrases. Falling for this scam can result in monetary loss. Thus, users should always examine web pages before disclosi
Our research team discovered the newads-point[.]com rogue page while investigating dubious websites. This webpage endorses spam browser notifications and produces redirects to different (likely unreliable/harmful) sites. The majority of visitors to newads-point[.]com and similar pages access them
We have discovered Crynox during an analysis of malware samples submitted to VirusTotal. Crynox is ransomware based on another ransomware called Chaos. Its purpose is to encrypt files. Additionally, Crynox is designed to rename files (appends the ".crynox" extension), change the desktop wallpaper,
We discovered this Luck ransomware during a routine investigation of new submissions to the VirusTotal website. This malicious program is part of the MedusaLocker ransomware family. After we executed a sample of Luck (MedusaLocker) ransomware on our test machine, it encrypted files and appended t
We have inspected altitudeedge[.]top and found that it uses clickbait to lure visitors into allowing it to send notifications. Our analysis has shown that altitudeedge[.]top shows deceptive notifications that can expose users to various online threats. Therefore, altitudeedge[.]top should not be t
Plestawn[.]com is a rogue page that promotes browser notification spam and redirects users to other (likely untrustworthy/malicious) websites. The majority of visitors to such webpages access them via redirects produced by sites utilizing rogue advertising networks. In fact, our researchers disco
Our research team discovered the mctop[.]fun rogue page during a routine investigation of suspicious websites. After investigating this webpage, we learned that it promotes online scams and browser notification spam. Additionally, mctop[.]fun can generate redirects to different (likely dubious/mal
After reading this "Qatar Airways" email, we determined that it is fake. This spam message is presented as a business opportunity. It must be emphasized that this scam offer is in no way associated with the actual Qatar Airways or any other legitimate entities. The likely purpose of this email is
While browsing new file submissions to the VirusTotal platform, our researchers discovered a malicious program called Black. It is based on the Prince ransomware. This program is designed to encrypt data and demand ransoms for the decryption. On our test machine, Black (Prince) ransomware encrypt
PlainGnome is an Android-specific spyware. It is designed to record and steal vulnerable information from infected devices. PlainGnome emerged in 2024. This malware is associated with Gamaredon (also known as Primitive Bear and Shuckworm) – a Russian state-backed threat actor, specifically affili