BurnsRAT is malware that allows cybercriminals to access the infected computer remotely. This type of malware is known as a Remote Administration Trojan. Threat actors were observed using BurnsRAT as a tool to deploy other malicious software. If BurnsRAT is present in the system, it should be elim
After reading this "Contract/Inheritance/Winning Payment" email, we determined that it is spam. It claims that the recipient did not receive their contract, inheritance, or prize payment – and to withdraw it, they must provide their details. The information in this email is false and in no way as
We have examined this scam and concluded that it involves fake warnings to trick unsuspecting users into downloading a specific application. Falling for such scams can expose users to privacy and security risks. Thus, it is important to recognize and avoid these scams. Initially, a fake po
While investigating spam emails, our researchers discovered the "Blockchain.com Money Transfer" scam. It masquerades as Blockchain.com – a cryptocurrency financial services company that provides various crypto-related services, including an exchange platform and digital wallet. This fake site cla
We have reviewed initiatehighlyoriginalthe-file[.]top and found that it displays misleading content to lure visitors into permitting it to show notifications. Allowing notifications from sites like initiatehighlyoriginalthe-file[.]top can expose users to scams and other risks. It is recommended to
Our team has inspected tonbaks[.]com and found that it displays questionable content and wants to show notifications. Accepting notifications from sites like tonbaks[.]com can expose users to various scams and other threats. Therefore, users should avoid tonbaks[.]com and not allow it to send noti
MAGA is ransomware from the Dharma family. It is designed to encrypt files, display a ransom note in a pop-up message (and create another ransom note as a text file, "MAGA_info.txt"), and rename files. Our team discovered MAGA during examination of malware samples submitted to VirusTotal. MAGA re
Our research team discovered the boasaikaipt[.]com rogue page while browsing websites. Upon examination, we learned that this webpage promotes browser notification spam and redirects users to other (likely untrustworthy/hazardous) sites. The majority of visitors to pages like boasaikaipt[.]com ac
We discovered the unpleute[.]com rogue page while investigating suspect websites. Our examination revealed that it endorses browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Most visitors to unpleute[.]com and analogous webpages access them through re
Revive is a ransomware-type program belonging to the Makop family. It is designed to encrypt data and demand ransoms for the decryption. Revive appends the names of the files it encrypts with a unique ID assigned to the victim, the cyber criminals' email address, and the ".revive" extension. To e