During our scrutiny of this email, our team identified it as a fraudulent notification, falsely claiming the sharing of a contract document with the recipients. The primary objective of this email is to entice recipients into accessing a deceptive website and providing their login credentials. Suc
Our researchers discovered the 6y8dghklp ransomware while reviewing new submissions to the VirusTotal platform. This malicious program is part of the Phobos ransomware family. On our test system, 6y8dghklp ransomware encrypted files and modified their filenames. Original names were appended with
While examining the ParasaurolophusWalkeri browser extension, we came across disturbing activities, such as the enabling of the "Managed by your organization" feature in Chrome settings and the gathering of user data. Our interaction with ParasaurolophusWalkeri emerged as a result of our investiga
After a comprehensive review, our team has determined that the intention behind this email is to deceive recipients into disclosing their personal information. These emails are categorized as phishing attempts, and in this specific case, the scammers pose as an email service provider with the aim
Upon evaluating the CommonBusiness application, we have observed its frequent display of intrusive advertisements, categorizing it as adware. Users frequently install such applications like CommonBusiness without a full understanding of the potential consequences they may encounter. Such apps sh
While analyzing malware samples submitted to VirusTotal, we encountered a ransomware variant known as Hgml. This specific ransomware is crafted to encrypt files and modify their filenames by adding the ".hgml" extension. Additionally, Hgml creates a ransom note that can be found within a file name
During our examination of malware samples on the VirusTotal page, we came across the Hgkd ransomware, which is part of the Djvu family. When this ransomware infiltrates a computer, it encrypts data and appends the ".hgkd" extension to filenames. For instance, a file named "1.jpg" becomes "1.jpg.hg
While investigating suspect sites, our research team found the systemsecurity[.]click webpage. It is designed to promote scams and browser notification spam. This page can also redirect visitors to other (likely unreliable/dangerous) websites. Users predominantly access systemsecurity[.]click and
Our researchers discovered the Dragon Baby browser extension during a routine inspection of deceptive webpages. After analyzing this piece of software, we determined that it is a browser hijacker. Dragon Baby makes changes to browser settings in order to promote the dragonboss.solutions fake sear
Our research team discovered the "Error Code: W9KA528V" technical support scam during a routine investigation of untrustworthy websites. It is presented as a warning from Microsoft Windows stating that the user's system has been blocked due to security concerns. This scam aims to trick victims int