We have examined earthshaper[.]top and discovered that it is a fraudulent site created to lure visitors into accepting its request to show notifications. Earthshaper[.]top uses a technique known as clickbait to achieve this. Users should avoid visiting web pages like earthshaper[.]top to avoid exp
Our research team discovered the Annoy ransomware while investigating file submissions to the VirusTotal platform. Malicious software within this class encrypts data and demands payment for the decryption. On our testing system, Annoy encrypted files and altered their filenames. Original titles w
We have inspected daynitroglass[.]com and discovered that it employs clickbait to obtain permission to send notifications to users (to their devices). If permitted, daynitroglass[.]com may display deceptive notifications to trick users into visiting untrustworthy websites and (or) taking other act
During our analysis of the website (curve.web3-claims[.]click), we learned that it is a fraudulent site promoting a $CRV token airdrop. Scammers behind this scam site aim to trick individuals into believing that they can receive tokens for free. However, falling for this scam can result in a perma
While investigating untrustworthy sites, our researchers discovered the elydes[.]com rogue page. Upon inspection, we learned that this webpage endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) websites. Elydes[.]com and similar pages are most commonl
Our researchers discovered Destroy ransomware while inspecting new file submissions to the VirusTotal platform. It belongs to the group of ransomware under the title "MedusaLocker". On our testing system, Destroy encrypted files and appended their filenames with a ".destry30" extension. Hence, a
DarkDev is a ransomware-type virus found by our researchers while inspecting new submissions to the VirusTotal website. Malware of this kind is designed to encrypt data and demand ransoms for the decryption. After we executed a sample of DarkDev on our test machine, it encrypted files and added a
Helldown is ransomware that we discovered during inspection of malware samples uploaded to the VirusTotal platform. Upon examining Helldown, we concluded that its functionality involves encrypting files, appending a random extension to filenames, and creating a ransom note ("Readme.[random_string]
While examining resertol.co[.]in, we discovered that it uses a deceptive method (clickbait) to lure visitors into agreeing to receive its notifications. Once allowed, resertol.co[.]in shows fake warnings and other misleading notifications. Therefore, users should never permit resertol.co[.]in (and
Our researchers found denalimount[.]top while inspecting dubious websites. This rogue page endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) sites. The majority of visitors enter webpages like denalimount[.]top via redirects generated by websites tha