Click-video*[.]com is a group of websites (e.g., click-videov[.]com, click-videot[.]com, click-videom[.]com, click-videok[.]com, and others) that display deceptive messages to lure visitors into agreeing to receive notifications. We discovered these sites while inspecting other questionable pages.
After inspecting the "Abandoned Funds" email, we determined that it is spam. The fake sender is identified as a banker seeking to transfer funds from a deceased client and share them between themselves and the recipient. This spam mail operates as a phishing scam aiming to obtain personally ident
VectorStealer is a malicious program designed to steal sensitive data. It is classified as an information stealer. Typically, stealers run silently in the background to avoid suspicion. Threat actors use various ways to trick users into infecting computers with information-stealing malware.
While checking the VirusTotal page for recently submitted malware samples, we discovered ransomware dubbed FinD0m. The purpose of this malware is to encrypt files. Also, FinD0m drops the "FinD0m.txt" file and appends the ".FinD0m" extension to filenames (e.g., renames "1.jpg" to "1.jpg.FinD0m", "2
Our team has analyzed yourtopleveldefence[.]site and learned that the purpose of this site is to trick visitors into purchasing antivirus software. However, yourtopleveldefence[.]site uses a scare tactic to promote that software - it displays a fake virus warning. Typically, users open such pages
Our team has tested the Word Counter Widget browser extension and found that it displays intrusive advertisements. Thus, we classified Word Counter Widget as adware. Adware is often promoted and distributed using deceptive or other questionable methods. We discovered Word Counter Widget on a shady
Securitypczone[.]site is a rogue site that our research team discovered during a routine investigation of suspicious webpages. At the time of research, it promoted the "Norton Security - Your PC Might Be Infected With Viruses!" scam. This page also pushed spam browser notifications. Additionally,
During a routine inspection of deceptive sites, our research team found the Word Counter browser extension. It is supposedly capable of providing the word count of any current webpage. However, our inspection of this extension revealed that it is adware, i.e., Word Counter runs intrusive ad campai
Our researchers discovered the resiastawsix[.]xyz rogue page while inspecting dubious websites. We learned that this webpage promotes scams and browser notification spam. Additionally, it can redirect users to different (likely untrustworthy/malicious) sites. Most visitors to resiastawsix[.]xyz a
Tzw is the name of a ransomware-type program we discovered while inspecting new submissions to VirusTotal. We executed a sample of Tzw on our test machine, and this ransomware encrypted the files and changed their titles. The filenames were appended with a ".tzw" extension, e.g., a file initially