This "Pacmoon Airdrop" is fake. This scam claims to give a 10% Pacmoon (PAC) token bonus for those who join the project. However, once a user connects their digital wallet to it, the scam begins operating as a cryptocurrency drainer. This scheme has been observed being promoted via posts on the X
Hitobito (also known as Kage No Hitobito) is a ransomware-type program. It operates by encrypting files and demanding payment for the decryption. On our test machine, Hitobito encrypted files and added a ".hitobito" extension to their filenames. For example, a file originally named "1.jpg" appear
Resultsearch.net is the address of a rogue webpage classed as a fake search engine. Sites within this classification cannot generate search results and tend to redirect to legitimate Internet search websites. Usually, these pages collect visitor data. Fake search engines are promoted by browser h
VCURMS is a remote administration Trojan (RAT) that cybercriminals store on public services such as Amazon Web Services (AWS) and GitHub. This method allows the Trojan to conceal its presence and activities from security measures, making it more challenging to detect and remove from infected syste
Myultimatesafeguard[.]com is a page discovered by our researchers during a routine investigation of questionable websites. Upon inspection, we determined that this rogue webpage promotes scams and browser notification spam. It can also redirect users to other (likely dubious/malicious) sites. Pag
While analyzing malware samples uploaded to VirusTotal, we identified cursoDFIR, a ransomware variant engineered to encrypt files. Additionally, cursoDFIR appends its extension (".cursoDFIR") to filenames, changes the desktop wallpaper, and generates a text file ("meleaicara.txt") containing a ran
Ert is a malicious program belonging to the Xorist ransomware family. It is designed to encrypt data and demand payment for the decryption. Our researchers discovered this malware while reviewing new submissions to the VirusTotal platform. When we executed a sample of Ert on our testing system, i
After examination, it has come to light that notifgetnews[.]com utilizes clickbait, a deceitful strategy, to coax visitors into agreeing to receive notifications. Furthermore, notifgetnews[.]com has the potential to redirect users to similar websites. Therefore, visitors are advised against placin
During our examination of the email, we found it to be a deceptive message impersonating a threat from a hacker. The scammer responsible for this email intends to trick recipients into thinking that compromising videos will be distributed to others unless they meet the specified demands. These typ
Upon analysis, it has been discovered that news-lifume[.]com employs clickbait, a deceptive tactic, to deceive visitors into consenting to receive notifications. Additionally, news-lifume[.]com has the capability to redirect users to comparable web pages, potentially leading to further manipulatio