We have tested the malware and found that it is ransomware. Our team has discovered Zarok while inspecting samples uploaded to VirusTotal. Upon execution, Zarok encrypts files and appends four random characters to their filenames (e.g., ".ps8v"). For instance, it renames "1.jpg" to "1.jpg.ps8v" an
We have examined the email and determined that it is a phishing attempt. The fraudulent message poses as a "service update notification". The scammers behind it seek to trick recipients into opening a deceptive page and entering personal details. This and similar scams should be ignored to avoid t
Our analysis shows that this is a phishing email disguised as a notification from the email service provider. It is used to trick recipients into opening a fake website and entering personal information on it. Falling for this scam can lead to account hijacking and possibly other negative outcomes
We have inspected savixnero.co[.]in and discovered that it is designed to display deceptive content to trick visitors into allowing it to show notifications. If permitted, savixnero.co[.]in can deliver fake warnings and other misleading messages. Users should avoid visiting this page. Once
Our researchers found the fusionbridgelink[.]com rogue page while browsing suspicious websites. After examining it, we determined that this webpage promotes spam browser notifications and redirects visitors to different (likely dubious/harmful) sites. Fusionbridgelink[.]com and analogous pages ar
Denetight[.]com is a rogue page discovered by our researchers during a routine investigation. After inspecting this webpage, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/hazardous) sites. Most visitors access denetight[.]com and similar
"Suspicious Activity Detected" refers to several email spam campaigns that urge recipients to take immediate action due to suspect account activity. This spam mail aims to deceive recipients into revealing their email account log-in credentials to phishing websites. We discovered two email
"Device Locked Due To Access To Illegal Content" is a multilingual scam claiming that users' devices have been blocked due to repeated access to online resources containing illegal pornographic content. The goal is to deceive victims into paying a bogus fine – sending money to scammers. It must be
BAGAJAI is a ransomware-type program discovered by our researchers while reviewing new submissions to the VirusTotal website. This malicious program is part of the MedusaLocker ransomware family. Malware within this classification operates by encrypting data in order to demand a ransom for decrypt
PROMPTSTEAL is a malicious program designed to steal information. It is written in the Python programming language. This data miner is a novel malware that utilizes generative AI to create malicious commands during execution. PROMPTSTEAL has been used by FROZENLAKE (also known as APT28) – a threa