Dark Eye is ransomware belonging to the Xorist family. We discovered it while checking malware samples submitted to VirusTotal. This ransomware encrypts files and appends the ".darkeye" extension to filenames. It also provides a ransom note (it displays a pop-up window, changes the desktop wallpap
During an inspection of pirophackeric[.]com, our team discovered that this page uses a deceptive tactic known as clickbait. The aim is to lure visitors into accepting notifications from pirophackeric[.]com. Usually, when sites like pirophackeric[.]com have permission to send notifications, they bo
Upon examining this "Fifth Third Bank" email, we determined that it is fake. This phishing email targets Fifth Third Bank (5/3 Bank) account log-in credentials. The letter tricks recipients into disclosing this data by informing them of a bogus card purchase. It must be stressed that this email is
After inspecting this "Bank Of Scotland" email, we learned that it is spam. This phishing campaign seeks recipients' personally identifiable information by claiming that they are entitled to funds from the Bank of Scotland. The letter namedrops several legitimate entities, and it must be emphasiz
During our inspection of phougets[.]com, we found that this page displays deceptive content to receive permission to send notifications. Usually, notifications from pages like phougets[.]com contain fake warnings, alerts, and other messages. Users are advised not to permit such pages to send notif
Tetradsgroup[.]com is a rogue webpage discovered by our researchers during a routine investigation of suspicious sites. After examining this page, we determined that it promotes browser notification spam and generates redirects to other (likely dubious/malicious) websites. Users primarily access
While examining cubmotodic[.]com, we found that it uses deception (a misleading message) to obtain permission to show notifications. Web pages of this type should be avoided. Allowing cubmotodic[.]com and similar sites to show notifications can expose users to various risks. We found that
Our researchers discovered techadsmecity[.]com during a routine inspection of untrustworthy websites. This rogue page is designed to promote browser notification spam and redirect visitors to other (likely dubious/dangerous) sites. The majority of users access webpages like techadsmecity[.]com vi
Thecanetdesign[.]com is a rogue page discovered by our researchers while browsing suspect websites. Upon inspection, we learned that thecanetdesign[.]com endorses spam browser notifications and redirects users to different (likely unreliable/hazardous) sites. Most visitors access webpages like th
Our research team found Shadaloo while browsing new submissions to the VirusTotal website. This malicious program is classified as ransomware; it encrypts data and demands payment for the decryption. On our testing system, Shadaloo encrypted files and added a ".shadaloo" extension to their names.