While browsing submissions to the VirusTotal platform, our researchers discovered a ransomware named 777. This malicious program is part of the GlobeImposter ransomware family. We acquired a sample of 777 (GlobeImposter) ransomware from VirusTotal and executed it on our test machine. The malware
Our analysis of carenotifsolution[.]xyz determined that it is an unreliable website promoting a legitimate software product. Also, carenotifsolution[.]xyz asks for permission to send notifications that are misleading. Thus, users should avoid visiting carenotifsolution[.]xyz or allow it to show no
After carefully examining the email, we have determined that it is a fraudulent message crafted to entice unsuspecting recipients into accessing a deceptive website. These scammers use the website to pilfer personal information. Such deceptive emails are commonly referred to as phishing emails.
Our research team discovered the PdfKnight PUA (Potentially Unwanted Application) while inspecting suspicious websites. According to the webpage promoting this app, it supposedly operates as a file format converter that can convert PDFs to Doc format documents. Our analysis revealed that PdfKnigh
Our researchers discovered the PDFConverty app during a routine investigation of untrustworthy websites. After installing this software on our test machine, we determined that it is a PUA (Potentially Unwanted Application) that promotes the portal.pdfconverty.com fake search engine. It is worth m
Whoaglaugnow[.]com is the address of a rogue webpage discovered by our researchers during a routine inspection of unreliable sites. Upon examination, we determined that it promotes browser notification spam and redirects to different (likely dubious/malicious) websites. Most users enter whoaglaug
During our examination of malware samples on VirusTotal, we discovered a ransomware variant belonging to the Makop family dubbed Datah. This ransomware encrypts files and creates a ransom note ("+README-WARNING+.txt") containing contact information and other details. Also, Datah renames files. Da
Upon examination of defendsafe[.]site, it has been determined to be a deceptive website designed to present misleading content. Also, this site wants to send notifications. It is worth noting that users do not visit such pages on purpose. Usually, they end up on such pages through similar websites
While browsing untrustworthy websites, our researchers discovered a page endorsing a fake "cracked" software. After downloading the installer, we learned that it contains SDeck Free MediaPlayer and a bunch of other unwanted/harmful software. Due to the dubious methods used to promote SDeck Free M
Upon examination of the PassengerPigeon application, it has been determined to be a malicious extension disseminated via untrustworthy platforms. This extension possesses the ability to trigger the "Managed by your organization" function, infiltrate and tamper with diverse data sets, and oversee o