Our researchers discovered Mr.Dark101 ransomware while browsing file submissions to the VirusTotal website. This malware is based on Chaos ransomware. Mr.Dark101 is designed to encrypt data and demand payment for the decryption. After we executed a sample on our testing system, the ransomware enc
BlackNote is an information stealer that targets various sensitive information. Stealers often operate stealthily, collecting data from infected devices to send to remote servers controlled by threat actors. This malware poses significant risks to user privacy and security. If BlackNote has infilt
During our inspection of malware submitted to VirusTotal, we discovered a ransomware variant known as ElonMuskIsGreedy. Ransomware is a type of malware designed to encrypt files. In addition to encrypting data, ElonMuskIsGreedy renames files by appending ".ELONMUSKISGREEDY-[victim's_ID]" to their
After reading this "Office Server" email, we determined that it is spam. This fake message is presented as a password expiration notice. The goal of this campaign is to trick recipients into providing their email account log-in credentials to a phishing website. The spam email with the sub
Our inspection of asraichuer[.]com has revealed that this page uses a deceptive method to lure visitors into accepting its notifications. Once a page like asraichuer[.]com has permission to show notifications, it can bombard users with fake warnings and other misleading notifications. Thus, asraic
We have inspected this email and found that it is a scam email masquerading as a notification from Dropbox (a legitimate file hosting service). Our examination has revealed that the purpose of this scam is to trick recipients into disclosing personal information. Such emails fall into the category
During our inspection of phipsougri[.]com, we noticed that this page uses a clickbait technique to obtain permission from visitors to show notifications. Usually, notifications from websites like phipsougri[.]com contain misleading messages. Thus, users should avoid accepting them. Phipsou
We have inspected alaskariver[.]top and learned that it uses a method known as clickbait to trick visitors into allowing it to send notifications. When web pages like alaskariver[.]top have permission to show notifications, they typically deliver fake warnings or other messages. Thus, these sites
This "$RUNE Loot Crate Claims" scam (runiverse[.]claims; could be hosted elsewhere) is a cryptocurrency drainer. It lures users with the promise of a chance to receive RUNE tokens. This scheme does not distribute any digital assets – instead, it steals them by siphoning the funds from exposed cryp
While browsing dubious sites, our researchers discovered the "$KINTO TGE Check Allocations" scam (kintodao[.]claims). Instead of distributing digital assets, this scheme operates as a cryptocurrency drainer – i.e., by stealing funds from exposed cryptowallets. It must be emphasized that this fake