After examining this "Someone Entered Correct Password For Your Account" email, we determined that it is spam. The message claims there was a sign-in attempt to the recipient's account using their actual password. The recipient is urged to investigate this activity – thus, they are lured into disc
During our inspection of WatchThisOnline, we found that the app is supposed to provide users with daily streaming updates. In reality, it provides little to no real value and may have malicious functionalities. Thus, we classified WatchThisOnline as an unwanted application. Users should avoid inst
CrypteVex is a ransomware-type program. Malware within this classification is designed to encrypt data and demand payment for its decryption. After we executed CrypteVex on our test machine, it displayed a pop-up window. The malware encrypted files and appended their names with a ".cryptevex" ext
Our examination of the email has shown that it is a phishing email designed to trick recipients into sharing personal information with scammers. This deceptive email contains a link to a fake website where unsuspecting users are requested to enter login credentials. This and similar emails should
Qilra is ransomware that we discovered while inspecting samples submitted to VirusTotal. Our analysis has shown that Qilra encrypts files, appends the ".qilra" extension to files, and generates a ransom note ("RESTORE-MY-FILES.TXT"). An example of how the ransomware changes filenames: it renames "
Our team has inspected wexprotocol.co[.]in and discovered that its purpose is to trick visitors into agreeing to receive notifications from it. Once the page has permission to show notifications, it delivers fake warnings and similar messages. Thus, wexprotocol.co[.]in should not be trusted (and n
Our analysis of the Claim BasedAI platform has shown that it is a fraudulent scheme targeting cryptocurrency holders. Its purpose is to deceive individuals into taking actions that would result in the theft of their cryptocurrency. This and similar unofficial and deceptive websites should be avoid
HexaCrypt is ransomware designed to encrypt files. In addition to preventing access to files, HexaCrypt appends a string of random characters to files (changes their extension) and drops a ransom note "[random_string].READ_ME.txt". An example of how HexaCrypt renames files: it changes "1.jpg" to "
We have inspected hawarbarin.co[.]in and found that it uses a tactic known as clickbait to obtain permission to show notifications. If permitted, hawarbarin.co[.]in can show deceptive notifications designed to open unreliable websites. It is highly advisable not to trust hawarbarin.co[.]in and rej
Our researchers discovered this fake "Raydium Airdrop" site during a routine inspection of dubious websites. This page mimics the Raydium (raydium.io) platform. The imitator page promotes a cryptocurrency drainer that aims to siphon funds from exposed digital wallets. IMPORTANT NOTE: We do n