GonzoFortuna is a ransomware-type program discovered by our research team during a routine inspection of new submissions to the VirusTotal platform. This malicious program belongs to the MedusaLocker ransomware family. GonzoFortuna is designed to encrypt data and demand payment for the decryption.
We have inspected dr23[.]biz and found that its purpose is to obtain permission to show notifications through deception. This website uses clickbait to trick visitors into agreeing to receive its notifications. Users should avoid visiting sites like dr23[.]biz and never grant them permission to se
While investigating suspicious sites, our researchers discovered this "Coca Cola Survey". It is a survey-type scam in which users are asked to complete a questionnaire for a reward from Coca-Cola. It must be emphasized that this scheme is in no way associated with the actual Coca-Cola Company. Th
After reviewing creritaprets[.]com, we found it to be a fraudulent site designed to trick users into allowing it to send notifications. It employs a clickbait technique to accomplish this. To minimize the risk of online threats, users should avoid visiting sites like creritaprets[.]com (and never
We have examined earthshaper[.]top and discovered that it is a fraudulent site created to lure visitors into accepting its request to show notifications. Earthshaper[.]top uses a technique known as clickbait to achieve this. Users should avoid visiting web pages like earthshaper[.]top to avoid exp
Our research team discovered the Annoy ransomware while investigating file submissions to the VirusTotal platform. Malicious software within this class encrypts data and demands payment for the decryption. On our testing system, Annoy encrypted files and altered their filenames. Original titles w
We have inspected daynitroglass[.]com and discovered that it employs clickbait to obtain permission to send notifications to users (to their devices). If permitted, daynitroglass[.]com may display deceptive notifications to trick users into visiting untrustworthy websites and (or) taking other act
During our analysis of the website (curve.web3-claims[.]click), we learned that it is a fraudulent site promoting a $CRV token airdrop. Scammers behind this scam site aim to trick individuals into believing that they can receive tokens for free. However, falling for this scam can result in a perma
While investigating untrustworthy sites, our researchers discovered the elydes[.]com rogue page. Upon inspection, we learned that this webpage endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) websites. Elydes[.]com and similar pages are most commonl
Our researchers discovered Destroy ransomware while inspecting new file submissions to the VirusTotal platform. It belongs to the group of ransomware under the title "MedusaLocker". On our testing system, Destroy encrypted files and appended their filenames with a ".destry30" extension. Hence, a