While examining malware samples submitted to VirusTotal, our team discovered ransomware belonging to the MedusaLocker family dubbed Attackuk. The purpose of Attackuk is to encrypt data. Also, it provides a ransom note ("How_to_back_files.html") and appends its extension (".attackuk") to filenames.
Getoverenergy[.]com is a rogue webpage that we discovered during a routine inspection of untrustworthy sites. It operates by promoting browser notification spam and redirecting users to different (likely dubious/malicious) websites. Most visitors to getoverenergy[.]com and pages akin to it – acce
During our analysis of questionable websites, we came across colamecola[.]biz. Our review of this site revealed that it is an untrustworthy page that tricks visitors into permitting it to send notifications. Moreover, colamecola[.]biz might redirect visitors to other untrustworthy pages. W
Our research team found the TwoFactor ransomware while investigating new submissions to VirusTotal. Malware within this classification is designed to encrypt data and demand payment for its decryption. After we executed a sample of TwoFactor on our test machine, it encrypted files and appended th
After evaluating aboutsmartcook[.]com, we determined that the website utilizes misleading methods by displaying a fake message to compel visitors to sign up for notifications. Additionally, aboutsmartcook[.]com may steer users towards other questionable websites. Therefore, it is recommended to ex
After analyzing the Oceans - New Tab browser extension, we discovered that it seizes control of a web browser by modifying its settings. The objective of these modifications is to promote a fake search engine known as oceansnewtab.com. Therefore, we have categorized Oceans - New Tab as a browser h
After analyzing this email, we came to the conclusion that it is a fraudulent email masquerading as a notification from Microsoft. It is a phishing email that aims to entice recipients to access a fake website and disclose their personal information. Therefore, recipients should disregard this ema
Our researchers discovered the eBook Search browser extension while investigating deceptive websites. This piece of software is presented as a tool for easy access to ebooks. However, our analysis of eBook Search revealed that it is a browser hijacker and endorses the sear.ebooksearchnow.com fake
During a routine investigation of suspicious websites, our research team discovered a malicious setup promoting the CovidDash (full title "CovidDash at Johns Hopkins University") browser extension. It is endorsed as a tool for easy access to information relating to the COVID-19 pandemic. After in
After inspecting the "Purchase Confirmation" email, we determined that it is spam. This letter is presented as a message regarding purchase confirmation. It supposedly contains relevant documentation; however, when the provided link is followed – it redirects to a phishing website that targets ema