While investigating suspicious sites, our researchers discovered this "Coca Cola Survey". It is a survey-type scam in which users are asked to complete a questionnaire for a reward from Coca-Cola. It must be emphasized that this scheme is in no way associated with the actual Coca-Cola Company. Th
After reviewing creritaprets[.]com, we found it to be a fraudulent site designed to trick users into allowing it to send notifications. It employs a clickbait technique to accomplish this. To minimize the risk of online threats, users should avoid visiting sites like creritaprets[.]com (and never
We have examined earthshaper[.]top and discovered that it is a fraudulent site created to lure visitors into accepting its request to show notifications. Earthshaper[.]top uses a technique known as clickbait to achieve this. Users should avoid visiting web pages like earthshaper[.]top to avoid exp
Our research team discovered the Annoy ransomware while investigating file submissions to the VirusTotal platform. Malicious software within this class encrypts data and demands payment for the decryption. On our testing system, Annoy encrypted files and altered their filenames. Original titles w
We have inspected daynitroglass[.]com and discovered that it employs clickbait to obtain permission to send notifications to users (to their devices). If permitted, daynitroglass[.]com may display deceptive notifications to trick users into visiting untrustworthy websites and (or) taking other act
During our analysis of the website (curve.web3-claims[.]click), we learned that it is a fraudulent site promoting a $CRV token airdrop. Scammers behind this scam site aim to trick individuals into believing that they can receive tokens for free. However, falling for this scam can result in a perma
While investigating untrustworthy sites, our researchers discovered the elydes[.]com rogue page. Upon inspection, we learned that this webpage endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) websites. Elydes[.]com and similar pages are most commonl
Our researchers discovered Destroy ransomware while inspecting new file submissions to the VirusTotal platform. It belongs to the group of ransomware under the title "MedusaLocker". On our testing system, Destroy encrypted files and appended their filenames with a ".destry30" extension. Hence, a
DarkDev is a ransomware-type virus found by our researchers while inspecting new submissions to the VirusTotal website. Malware of this kind is designed to encrypt data and demand ransoms for the decryption. After we executed a sample of DarkDev on our test machine, it encrypted files and added a
Helldown is ransomware that we discovered during inspection of malware samples uploaded to the VirusTotal platform. Upon examining Helldown, we concluded that its functionality involves encrypting files, appending a random extension to filenames, and creating a ransom note ("Readme.[random_string]