MoneyIsTime is ransomware designed to encrypt files on the infected computer. Our discovery of MoneyIsTime occured during inspection of malware samples submitted to VirusTotal. In addition to encrypting files, MoneyIsTime renames them (by appending a string of random characters and the ".moneyisti
We have analyzed this email and found that it is a fraudulent email designed to trick recipients into believing that they have received an invoice. The scammers behind this email seek to extract personal information from recipients. It is strongly recommended not to respond to such emails or open
Our analysis of glukubairaw[.]com has shown that it displays shady content and can show misleading notifications. Usually, sites like glukubairaw[.]com are promoted using deceptive methods to trick users into visiting them. Users should not visit glukubairaw[.]com and agree to receive its notifica
Our research team discovered ovelatishly[.]com during a routine investigation of untrustworthy websites. This rogue webpage promotes spam browser notifications and generates redirects to other (likely dubious/dangerous) sites. The majority of visitors to ovelatishly[.]com and pages into it access
Our researchers discovered the "Top Two" browser extension while inspecting dubious sites. After examining this software, we learned that it is a browser hijacker. Top Two changes browser settings to endorse (via redirects) the toptosearch.com fake search engine. Typically, browser hijacke
Upon examining this "OneDrive - A Secured File Has Been Shared" email, we determined that it is fake. This spam letter attempts to deceive recipients into revealing their account log-in credentials by presenting them with a phishing website disguised as a OneDrive page. This spam email is
While analyzing a rogue installation setup, our researchers discovered the WeatherZero PUA (Potentially Unwanted Application). This app provides a desktop widget that displays local weather data. However, PUAs often possess harmful functionalities and tend to infiltrate systems in bundles. The in
While investigating suspect sites, our research team discovered this "CyberLama Mint" scam promoted on cyberlama-tyn.pages[.]dev (keep in mind that it could be hosted elsewhere). This scheme operates as a cryptocurrency drainer – it drains digital assets from exposed cryptowallets. It must be emp
During our examination of griboughafo[.]com, we discovered that it employs a deceptive tactic to deceive visitors into permitting it to send notifications. Users often unintentionally access web pages like griboughafo[.]com. If encountered, such sites should be closed. Griboughafo[.]com di
FlipPlayer seems to be a video player. However, our discovery of FlipPlayer occurred during the examination of web pages associated with rogue advertising networks. Thus, we classified FlipPlayer as an unwanted application. Users are advised not to install apps like FlipPlayer to avoid potential i