While inspecting new submissions to the VirusTotal platform, our researchers found a ransomware-type program named Locked. It belongs to the MedusaLocker ransomware family. This malware encrypts data and demands ransoms for its decryption. After we launched a sample of Locked (MedusaLocker) ranso
Tokenely[.]com is a scam website claiming to be Europe's top crypto trading platform. It also depicts imagery associated with the Tesla multinational automotive and clean energy company. The goal of this scam is to deceive victims into transferring cryptocurrency to scammers. It might also record
The bitxspark[.]com website is a fake cryptocurrency trading platform. This scam site steals victims' deposits by tricking them into transferring the funds to cryptowallets owned by scammers. Bitxspark[.]com might also operate as a phishing page that records log-in credentials. As mentione
FridayBoycrazy is a ransomware variant based on Chaos ransomware. We discovered FridayBoycrazy while inspecting malware samples on VirusTotal. Once activated, FridayBoycrazy encrypts files, appends a string of random characters to filenames, changes the desktop wallpaper, and creates a ransom note
In our evaluation of endsupreme[.]com, it was observed that the site has at least three variations aimed at deceiving visitors into consenting to receive notifications. Moreover, endsupreme[.]com may redirect users to other untrustworthy websites. Therefore, endsupreme[.]co and similar sites shoul
Xbirex[.]com is a scam cryptocurrency platform. It claims to be one of Europe's leading exchanges that allows storage (wallet functionality), as well as sale and purchase of over two hundred digital currencies. This fraudulent website tricks victims into transferring cryptocurrency to scammers by
Our researchers discovered the FORCE ransomware-type program during a routine review of new submissions to VirusTotal. It is part of the Phobos ransomware family. On our test system, FORCE encrypted files and demanded payment for the decryption. The filenames of locked files were appended with a
Upon analysis of malware samples on the VirusTotal platform, Vook has been identified as a variant within the Djvu ransomware family. Vook encrypts files and modifies their filenames, adding the ".vook" extension. For example, it changes "1.jpg" to "1.jpg.vook", "2.png" to "2.png.vook", and so on.
Upon analyzing the malware samples available on the VirusTotal platform, Looy has been identified as a variant within the Djvu ransomware family. Looy functions by encrypting files and modifying their filenames, appending the ".looy" extension. For instance, it alters "1.jpg" to "1.jpg.looy", "2.p
Upon evaluation, it was determined that the Pure MathCalc Hub application functions as a browser hijacker, compelling users to utilize a counterfeit search engine. This software achieves browser hijacking by altering browser settings. It is advisable to promptly remove browser extensions like Pure