Our researchers discovered titaniumveinshaper[.]com while investigating suspicious websites. This rogue page has several appearances; it is designed to promote browser notification spam and redirect users to other (likely dubious/malicious) sites. Webpages like titaniumveinshaper[.]com are most c
Finderssearching.com is the address of a fake search engine discovered by our research team promoted through a rogue installer, which was pushed by a deceptive webpage. Illegitimate search engines usually cannot provide search results and collect visitor data. In most cases, these websites are end
While inspecting new submissions to the VirusTotal platform, our researchers found a ransomware-type program named Locked. It belongs to the MedusaLocker ransomware family. This malware encrypts data and demands ransoms for its decryption. After we launched a sample of Locked (MedusaLocker) ranso
Tokenely[.]com is a scam website claiming to be Europe's top crypto trading platform. It also depicts imagery associated with the Tesla multinational automotive and clean energy company. The goal of this scam is to deceive victims into transferring cryptocurrency to scammers. It might also record
The bitxspark[.]com website is a fake cryptocurrency trading platform. This scam site steals victims' deposits by tricking them into transferring the funds to cryptowallets owned by scammers. Bitxspark[.]com might also operate as a phishing page that records log-in credentials. As mentione
FridayBoycrazy is a ransomware variant based on Chaos ransomware. We discovered FridayBoycrazy while inspecting malware samples on VirusTotal. Once activated, FridayBoycrazy encrypts files, appends a string of random characters to filenames, changes the desktop wallpaper, and creates a ransom note
In our evaluation of endsupreme[.]com, it was observed that the site has at least three variations aimed at deceiving visitors into consenting to receive notifications. Moreover, endsupreme[.]com may redirect users to other untrustworthy websites. Therefore, endsupreme[.]co and similar sites shoul
Xbirex[.]com is a scam cryptocurrency platform. It claims to be one of Europe's leading exchanges that allows storage (wallet functionality), as well as sale and purchase of over two hundred digital currencies. This fraudulent website tricks victims into transferring cryptocurrency to scammers by
Our researchers discovered the FORCE ransomware-type program during a routine review of new submissions to VirusTotal. It is part of the Phobos ransomware family. On our test system, FORCE encrypted files and demanded payment for the decryption. The filenames of locked files were appended with a
Upon analysis of malware samples on the VirusTotal platform, Vook has been identified as a variant within the Djvu ransomware family. Vook encrypts files and modifies their filenames, adding the ".vook" extension. For example, it changes "1.jpg" to "1.jpg.vook", "2.png" to "2.png.vook", and so on.