During our inspection of malware submitted to VirusTotal, we discovered a ransomware variant known as ElonMuskIsGreedy. Ransomware is a type of malware designed to encrypt files. In addition to encrypting data, ElonMuskIsGreedy renames files by appending ".ELONMUSKISGREEDY-[victim's_ID]" to their
After reading this "Office Server" email, we determined that it is spam. This fake message is presented as a password expiration notice. The goal of this campaign is to trick recipients into providing their email account log-in credentials to a phishing website. The spam email with the sub
Our inspection of asraichuer[.]com has revealed that this page uses a deceptive method to lure visitors into accepting its notifications. Once a page like asraichuer[.]com has permission to show notifications, it can bombard users with fake warnings and other misleading notifications. Thus, asraic
We have inspected this email and found that it is a scam email masquerading as a notification from Dropbox (a legitimate file hosting service). Our examination has revealed that the purpose of this scam is to trick recipients into disclosing personal information. Such emails fall into the category
During our inspection of phipsougri[.]com, we noticed that this page uses a clickbait technique to obtain permission from visitors to show notifications. Usually, notifications from websites like phipsougri[.]com contain misleading messages. Thus, users should avoid accepting them. Phipsou
We have inspected alaskariver[.]top and learned that it uses a method known as clickbait to trick visitors into allowing it to send notifications. When web pages like alaskariver[.]top have permission to show notifications, they typically deliver fake warnings or other messages. Thus, these sites
This "$RUNE Loot Crate Claims" scam (runiverse[.]claims; could be hosted elsewhere) is a cryptocurrency drainer. It lures users with the promise of a chance to receive RUNE tokens. This scheme does not distribute any digital assets – instead, it steals them by siphoning the funds from exposed cryp
While browsing dubious sites, our researchers discovered the "$KINTO TGE Check Allocations" scam (kintodao[.]claims). Instead of distributing digital assets, this scheme operates as a cryptocurrency drainer – i.e., by stealing funds from exposed cryptowallets. It must be emphasized that this fake
While investigating suspect sites, our researchers discovered this fake "$PAWS Token Distribution" page. The scam was promoted on allocate-pawscoin[.]xyz, yet it could be hosted elsewhere. The webpage claims to be distributing tokens – instead, it operates as a cryptocurrency drainer. Essentially
Our researchers discovered the InstantQuest browser hijacker in a rogue installer promoted by a scam page, the latter was found during a routine investigation of untrustworthy websites. This extension modifies browser settings to promote (via redirects) the finditfasts.com fake search engine. It