Our researchers discovered matrixgrowthforge[.]com while investigating suspicious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Matrixgrowthforge[.]com presents visit
Friends is ransomware our research team identified while examining new malware samples submitted to VirusTotal. It encrypts files on the victim's machine and demands payment for a decryption key. The attackers also claim to have stolen sensitive data and threaten to make it public if the ransom is
Hommy is a ransomware-type program that we discovered during a routine inspection of new submissions to the VirusTotal website. Hommy belongs to the Makop ransomware family. It encrypts files, renames them, drops a ransom note ("+README-WARNING+.txt"), and changes the desktop wallpaper. On our te
We have inspected this email and determined that it is a scam. It informs recipients that they have been randomly selected to receive a large number of Tesla (TSLA) shares worth over four million dollars and instructs them to get in touch to claim this prize. This is a classic advance-fee scam des
We have inspected this email and determined that it is a phishing scam impersonating American Express. The message claims that a personal loan worth $18,940.00 has been approved for the recipient, then uses a fake security alert to lure them into clicking a verification link. The scammers behind i
We have examined this email and determined that it is a phishing scam disguised as an internal Human Resources notice about a compensation and benefits review. The included link leads to a fake email account sign-in page designed to steal login credentials. This email should be ignored, as interac
We have inspected rewards-gacha[.]com and found that it promotes a fake $GACHA token airdrop, impersonating the PowerGacha platform (powergacha.io). It is designed to trick visitors into connecting their wallets to "claim" tokens, which can lead to financial losses. IMPORTANT NOTE: We do not
We have inspected the website (vote-getgrass[.]app) and found that it operates as a fake $GRASS rewards voting page. It impersonates the legitimate Grass platform (grass.io) and is designed to trick visitors into connecting their cryptocurrency wallets, which can lead to financial losses. IM
Our researchers discovered the Fusebase Search browser hijacker while inspecting extensions distributed through dedicated download pages. Fusebase Search modifies browser settings so that searches and new tabs are handled by s.fusebase-search.com. This extension is also considered a privacy threa
We inspected Video Search Extension and found that it is a browser hijacker. Once added to a web browser, this extension changes the default search engine to myvideolibrary.info, a fake search engine. Myvideolibrary.info is promoted by multiple hijacker extensions, with Video Library Search being