Our researchers found the XiN ransomware-type program while reviewing new submissions to the VirusTotal site. It belongs to the Xorist ransomware family. Malware of this kind encrypts data and demands payment for the decryption. On our test machine, XiN encrypted files and appended their filename
While examining myitmads[.]org, we found that it employs a technique known as clickbait. The site is created to trick visitors into agreeing to receive its notifications. Users should not accept notifications from myitmads[.]org and similar websites because it could lead to privacy and security is
While inspecting untrustworthy websites, our researchers discovered the RairApp PUA (Potentially Unwanted Application). Software within this classification is often distributed using dubious techniques and tends to have harmful capabilities. What is more, unwanted apps may infiltrate systems in bu
Our analysis of basein[.]info has shown that the purpose of this web page is to receive permission to show notifications. To achieve this, basein[.]info uses clickbait (a deceptive method). Pages like basein[.]info should be avoided and not permitted to send notifications to avoid exposure to scam
Our team discovered Ior while inspecting malware samples submitted to the VirusTotal web page. Ior is ransomware belonging to the Dharma family. It encrypts data, appends the victim's ID, jasalivan@420blaze.it email address, and the ".ior" extension to filenames, and provides two ransom notes (dis
We have inspected the page (karaketherfi.pages[.]dev) and found that it is fraudulent. It offers individuals to receive rewards as a lure. The goal is to trick them into taking actions that can result in substantial financial losses. Therefore, karaketherfi.pages[.]dev should not be trusted.
After inspecting the "Price And Delivery Time" email, we determined that it is malspam. The purpose of this malicious spam is to deceive recipients into infecting their devices with malware by luring them with a supposed purchase order. The spam email with the subject "New Order from Start
During a routine investigation, our research team discovered the "Mint StoneAi" scam as promoted on new.vedep[.]xyz (note that it could be hosted elsewhere). It lures users into exposing their digital wallets to a crypto drainer by promising an opportunity to mint (generate) StoneAi NFTs (Non-Fung
Voldemort is the name of a backdoor-type malware. It is written in the C programming language. This malicious program has been around since at least the summer of 2024. It is suspected that Voldemort is used in cyber-espionage, potentially by an advanced threat actor. This malware was proliferate
Upon inspection, we determined that the "SunToken Allocation" website (sunpumpswap[.]com) is deceptive. It claims to be distributing digital assets, and when users try to claim them – the cryptowallet connect options include platforms of ill-repute. IMPORTANT NOTE: We do not review crypto pr