While browsing dubious websites, our research team discovered the anchomoross[.]com rogue page. It promotes browser notification spam and generates redirects to different (likely untrustworthy/hazardous) sites. Anchomoross[.]com and similar webpages are most commonly accessed through redirects cau
During a routine inspection of new malware submissions to VirusTotal, our research team found yet another ransomware based on Makop, named Ziver. Malicious software within this classification operates by encrypting data and demanding payment for the decryption. On our testing system, Ziver encryp
Qwizzserial is a malicious program written in the Kotlin programming language that targets Android devices. This malware is a stealer – a type of software intended to steal vulnerable information from infected systems. It seeks to steal text messages (SMSes) and other sensitive data. Qwizzserial
After inspecting this "Spotify Can't Process Your Payment" email, we determined that it is fake. This spam message claims that there has been an issue processing the recipient's "Spotify Premium Family" subscription. It must be emphasized that this email is not associated with the real Spotify. Th
Darkness is ransomware that we discovered during our analysis of malware samples uploaded to VirusTotal. It is designed to encrypt files on the infected device and append a string of random characters (possibly a victim's ID), and its extension ".Darkness" to filenames. Also, Darkness provides a r
Our researchers discovered SpiderPery ransomware while investigating new submissions to the VirusTotal platform. This malware encrypts data and demands payment for the decryption. On our test machine, SpiderPery encrypted files and added a unique ID and the ".SpiderPery" extension to their filena
We have reviewed the email and determined that it is part of a sextortion scam. These types of scams typically use threatening language to scare the recipient into sending money, even though the claims made are false and fabricated. Such emails should be ignored to avoid monetary loss or other neg
While browsing suspect websites, our researchers found this fake "Gigabrain" token airdrop. This deceptive page impersonates the official Gigabrain website (gigabrain.gg). It must be emphasized that this airdrop is fraudulent and not associated with the actual Gigabrain site. This scam aims to ste
BlackFL is ransomware that we discovered while inspecting samples submitted to VirusTotal. After execution, BlackFL encrypts files, provides a ransom note ("BlackField_ReadMe.txt"), and appends its extension (".BlackFL") to files. For example, it renames "1.jpg" to "1.jpg.BlackFL", "2.png" to "2.p
While inspecting new submissions to VirusTotal, our researchers discovered the AIR ransomware. This malicious program belongs to the Makop ransomware family. Malware of this kind is designed to encrypt data and demand ransoms for the decryption. On our test machine, AIR (Makop) ransomware encrypt