Upon analyzing the email, our team has determined that its purpose is to trick recipients into revealing their personal information. Such letters are called phishing emails. The email in question urges recipients to review certain documents, but in reality, it is a fraudulent message that should b
GAZPROM is a malicious program that uses CONTI ransomware's code. Malware within the ransomware classification operates by encrypting data for the purpose of demanding ransom for its decryption. After we executed a sample of GAZPROM on our testing system, it encrypted files and appended their fil
Upon examining this email, we have discovered that it is a phishing scam that masquerades as a notification from the South African Post Office. The objective of this fraudulent email is to trick the recipients into accessing a bogus website and divulging their personal information. Therefore, it i
Rec_rans is the name of malware that operates as ransomware. Our team discovered it while examining malware samples on VirusTotal. Rec_rans encrypts files on the infected computer, changes the desktop wallpaper, drops the "HOW_TO_RECOVERY_FILES.txt" file containing a ransom note, and adds the ".re
BlackSuit is ransomware - malware that prevents victims from accessing their files by encrypting them. BlackSuit targets Windows and Linux users. In addition to encrypting data, this ransomware changes the desktop wallpaper, creates the "README.BlackSuit.txt" file (a ransom note), and renames file
Upon investigation of Sticky Note Board Extension, we found that it is an extension for web browsers that is intended to boost the visibility of a fake search engine known as search.notesticky-extension.com. This is achieved by seizing control of the browser settings. Apps that operate like Sticky
Econsultingcoem[.]com is a rogue page that we discovered while inspecting dubious sites. This website promotes browser notification spam and redirects users to other (likely unreliable/dangerous) pages. Visitors to econsultingcoem[.]com and sites akin to it – access them primarily through redirec
Our researchers found the Zhong ransomware during a routine examination of new VirusTotal submissions. Ransomware is a type of malware that encrypts data for ransom purposes. On our test machine, Zhong encrypted files and appended their filenames with a ".zhong" extension. To elaborate, a file ti
While investigating dubious websites, our research team found the cosmovideo[.]cam rogue webpage. It is designed to promote browser notification spam and redirect visitors to different (likely unreliable/hazardous) sites. Most users access pages like cosmovideo[.]cam via redirects caused by websit
After inspecting the "Payment Proforma Invoice / Contract" email, we determined that it is spam. This letter operates as a phishing scam; it makes false claims regarding a received voice message to trick recipients into attempting to sign in via a fake website. This spam campaign targets email acc