BASANAI is ransomware from the MedusaLocker family. We discovered this ransomware while analyzing malware samples uploaded to VirusTotal. Once executed, BASANAI encrypts files and appends its extension (".BASANAI") to files. For instance, a file named "1.jpg" is renamed to "1.jpg.BASANAI", "2.png"
We have checked xicuritinon.co[.]in and discovered that it uses deception to get permission to send notifications. If users accept these notifications, they may encounter websites designed to steal information or other fraudulent content. Xicuritinon.co[.]in and similar pages should be ignored and
We have inspected rexameles[.]com is created to deceive users into enabling its notifications. Once permission is given, it may send misleading messages, deceptive offers, and other suspicious content that can redirect users to untrustworthy websites. It is best not to trust rexameles[.]com.
Nextgeeker.com is a search engine promoted through browser hijackers and unwanted applications. Using it can expose users to scams and other unwanted content. Thus, we classified nextgeeker.com as an unreliable search engine. Users should avoid using it and remove it (and any associated hijackers
Exitium is ransomware that our team has found while examining malware samples uploaded to VirusTotal. Once a device is infected with Exitium, the malware encrypts files and appends the ".exitium" extension. For instance, it renames "1.jpg" to "1.jpg.exitium" and "2.png" to "2.png.exitium". Also, E
Our analysis shows that forestrievic[.]com is designed to trick users into allowing notifications. After permission is granted, it may deliver misleading alerts, scam offers, and other dubious content aimed at directing users to untrustworthy websites. It is recommended to avoid trusting forestrie
Our findings indicate that omnitaro.co[.]in is used to mislead visitors into enabling its notifications. Once permission is given, the site can send deceptive alerts, fraudulent promotions, and other suspicious content that can lead users to unsafe websites. Users are advised not to trust omnitaro
We have inspected the email and found that it is written by scammers who seek to trick recipients into believing that they received a message (a "mail queue notification) from their email service provider. The purpose of this fraudulent message is to steal personal information through a fake websi
The fake Google Docs Offline extension is a malicious Chrome extension that masquerades as a real Google tool. It is injected as part of a larger attack and is used to spy on users. Once planted, it can log what victims type, steal cookies, login sessions, and capture screenshots. If present on a
We have reviewed the email and found that it is a scam disguised as a final notice from a cloud service. The scammers behind it seek to trick recipients into opening a misleading website and following the provided instructions. None of the claims in this email (or the associated scam sites) is tru