Lilium is ransomware (from the VoidCrypt family) that we discovered while inspecting malware samples submitted to VirusTotal. Upon infiltration, Lilium encrypts and renames files, and displays a ransom note ("!INFO.HTA"). It appends an email address, a string of random characters, and the ".lilium
Our examination of buyvisblog[.]com has shown that it is a deceptive website designed to trick visitors into giving it permission to show notifications. Additionally, buyvisblog[.]com may redirect visitors to other untrustworthy sites. Thus, users should avoid visiting buyvisblog[.]com (and simila
During our examination of the email, we noticed characteristics of a phishing attempt. This email is a fraudulent letter disguised as a notification regarding a signed settlement agreement. Scammers use it to trick unsuspecting recipients into opening a fake website designed to steal personal info
While inspecting questionable sites, our research team found the ceestaul[.]com rogue page. It operates by promoting browser notification spam and redirecting visitors to other (likely dubious/malicious) websites. Most users enter webpages like ceestaul[.]com through redirects caused by sites empl
Our researchers discovered news-beciyi[.]com during a routine investigation of suspect websites. After inspecting news-beciyi[.]com, we determined that it promotes browser notification spam and redirects users to other (likely unreliable/dangerous) sites. Most visitors to news-beciyi[.]com and pa
While browsing dubious sites, our research team found brobadsmart[.]com. This rogue page is designed to promote browser notification spam and generate redirects to different (likely dubious/malicious) websites. Users most commonly access sites like brobadsmart[.]com via redirects caused by webpag
Upon inspection, we determined that the "Outlook - Someone Logged Into Your Mail Account" email is fake. This spam letter is disguised as a notification regarding a new sign-in to the recipient's email account. The goal is to deceive recipients into disclosing their log-in credentials to a phishin
Gratsegrid[.]com is a rogue webpage discovered by our researchers during a routine inspection of suspect sites. Upon examination, we determined that this page endorses spam browser notifications and redirects visitors to other (likely untrustworthy/harmful) websites. Most users enter gratsegrid[.
After reading the "Cargo Shipment" email, we determined that it is spam. The letter is presented as partnership offer for 30% value of goods that need to be shipped. If the recipient agrees, they are to aid with arranging the shipment. This kind of scam mail typically seeks to obtain sensitive in
Vert is a malicious program designed to steal sensitive data from infected systems. Due to this behavior, Vert is classed as a stealer. The malware in question targets log-in credentials, cryptowallets, and extensive information relating to the Discord messaging platform. The Vert stealer