Our research team found totalalltimebestdefender[.]info during a routine investigation of suspicious websites. Upon examination, we determined that this rogue page promotes browser notification spam and redirects users to other (likely unreliable/harmful) sites. The majority of visitors enter web
The Bully is a ransomware-type program discovered by our researchers during a routine inspection of new submissions to the VirusTotal site. The Bully is based on Chaos ransomware. Malicious software within this classification is designed to encrypt data and demand payment for the decryption. Afte
While inspecting news-xhovico[.]cc, our team found that the site employs a deceptive tactic called clickbait. This method is used to entice visitors to accept notifications from news-xhovico[.]cc. Once granted permission, sites like this typically deliver intrusive and misleading notifications.
While reviewing new malware submissions to the VirusTotal platform, our research team discovered the DennisTheHitman ransomware. This malicious program is part of the GlobeImposter ransomware family. This class of malware operates by encrypting data to demand payment for its decryption. On our te
We discovered that toneadds[.]com is a deceptive website designed to lure visitors into taking action resulting in permitting the page to show notifications. Our examination of toneadds[.]com revealed that it can send untrustworthy notifications. Therefore, toneadds[.]com should not be granted per
During our analysis of NoDeep, we found that it is ransomware from the Proton family. It encrypts files, appends an email address (nodeep@tutamail.com) and its extension (".nodeep") to filenames, and drops a ransom note ("#Read-for-recovery.txt"). Our discovery of NoDeep occured while inspecting s
Dark Eye is ransomware belonging to the Xorist family. We discovered it while checking malware samples submitted to VirusTotal. This ransomware encrypts files and appends the ".darkeye" extension to filenames. It also provides a ransom note (it displays a pop-up window, changes the desktop wallpap
During an inspection of pirophackeric[.]com, our team discovered that this page uses a deceptive tactic known as clickbait. The aim is to lure visitors into accepting notifications from pirophackeric[.]com. Usually, when sites like pirophackeric[.]com have permission to send notifications, they bo
Upon examining this "Fifth Third Bank" email, we determined that it is fake. This phishing email targets Fifth Third Bank (5/3 Bank) account log-in credentials. The letter tricks recipients into disclosing this data by informing them of a bogus card purchase. It must be stressed that this email is
After inspecting this "Bank Of Scotland" email, we learned that it is spam. This phishing campaign seeks recipients' personally identifiable information by claiming that they are entitled to funds from the Bank of Scotland. The letter namedrops several legitimate entities, and it must be emphasiz