While examining winsafe[.]xyz, our team found that this page uses a clickbait technique to lure visitors into agreeing to receive notifications. We also learned that winsafe[.]xyz has at least two designs. We discovered winsafe[.]xyz while inspecting websites that use rogue advertising networks.
lUUUUUUUUU is the name of a ransomware-type program that our researchers discovered while inspecting new submissions to VirusTotal. This malicious program is part of the Xorist ransomware family. After being launched on our testing system, this ransomware encrypted files and appended the filename
Cryptonite (.cryptn8) is a ransomware designed to encrypt data and demand payment for the decryption. As reported by Fortinet, this is a customizable version of ransomware that is available for free, which is uncommon. Malware of this type usually appends the encrypted files with an extension, an
RAXNET is a malicious program that operates as a clipper. Malware within this classification can replace clipboard data. RAXNET specifically targets copied cryptocurrency wallet addresses and replaces them with those belonging to the attackers. The purpose of this malware is to steal cryptocurrenc
Patriot is the name of a malicious program that operates as a stealer. Despite being described as an "educational" tool in its promotional material, this program is sold on the Web and has functionalities designed for malicious use. Patriot is capable of stealing a wide variety of information, in
After analyzing the "Incoming Messages ERROR Notification" email, we determined that it is spam operating as a phishing scam. This mail claims that an error had occurred on the recipient's email account and prevented messages from researching the inbox. To release the nonexistent letters - the rec
We examined this email and learned that it is generated by crooks who seek to trick recipients into believing that they have won a lottery. This letter is a hoax (a lottery scam). People who fall for such scams never receive any money or other prizes. Thus, this email should be ignored/deleted.
Team Punisher is a ransomware-type program designed to encrypt data and demand ransoms for decryption. On our test machine, this malware encrypted files and appended their filenames with a ".punisher" extension. To elaborate, a file initially named "1.jpg" appeared as "1.jpg.punisher", "2.png" as
While inspecting new submissions to VirusTotal, our researchers found a new ransomware that belongs to the Xorist ransomware family, which is named Ety. Ransomware is designed to encrypt data and demand payment for decryption. Once executed on our test system, Ety began encrypting files and chang
While analyzing theupgradedata[.]com, we learned that it is a deceptive website designed to lure visitors into agreeing to receive notifications. Also, theupgradedata[.]com redirects to other untrustworthy pages. Our team discovered theupgradedata[.]com while examining pages that use rogue adverti