This "Mode Sunrise Airdrop" is fake. The giveaway supposedly distributes the Mode cryptocurrency. However, when a user attempts to participate in this airdrop, they inadvertently expose their digital wallet to a crypto drainer that can empty it of stored assets. Several domains have been o
Upon inspection, we determined that the "WeTransfer - You Have Received Files" email is spam. This phishing letter targets email account log-in credentials by claiming that the recipient was sent a file via a legitimate file transfer service. It must be emphasized that this scam mail is not assoc
While browsing submissions to the VirusTotal platform, our researchers discovered a ransomware named 777. This malicious program is part of the GlobeImposter ransomware family. We acquired a sample of 777 (GlobeImposter) ransomware from VirusTotal and executed it on our test machine. The malware
Our analysis of carenotifsolution[.]xyz determined that it is an unreliable website promoting a legitimate software product. Also, carenotifsolution[.]xyz asks for permission to send notifications that are misleading. Thus, users should avoid visiting carenotifsolution[.]xyz or allow it to show no
After carefully examining the email, we have determined that it is a fraudulent message crafted to entice unsuspecting recipients into accessing a deceptive website. These scammers use the website to pilfer personal information. Such deceptive emails are commonly referred to as phishing emails.
Our research team discovered the PdfKnight PUA (Potentially Unwanted Application) while inspecting suspicious websites. According to the webpage promoting this app, it supposedly operates as a file format converter that can convert PDFs to Doc format documents. Our analysis revealed that PdfKnigh
Our researchers discovered the PDFConverty app during a routine investigation of untrustworthy websites. After installing this software on our test machine, we determined that it is a PUA (Potentially Unwanted Application) that promotes the portal.pdfconverty.com fake search engine. It is worth m
Whoaglaugnow[.]com is the address of a rogue webpage discovered by our researchers during a routine inspection of unreliable sites. Upon examination, we determined that it promotes browser notification spam and redirects to different (likely dubious/malicious) websites. Most users enter whoaglaug
During our examination of malware samples on VirusTotal, we discovered a ransomware variant belonging to the Makop family dubbed Datah. This ransomware encrypts files and creates a ransom note ("+README-WARNING+.txt") containing contact information and other details. Also, Datah renames files. Da
Upon examination of defendsafe[.]site, it has been determined to be a deceptive website designed to present misleading content. Also, this site wants to send notifications. It is worth noting that users do not visit such pages on purpose. Usually, they end up on such pages through similar websites