Our research team discovered the 726 ransomware during a routine inspection of new submissions to VirusTotal. It is designed to encrypt data and demand ransoms for decryption. After we executed a sample of 726 on our test system, the ransomware appended the files it encrypted with a "..726" exten
Our researchers discovered the "Avira Security" scam while inspecting untrustworthy websites. This scheme is presented as the Avira anti-virus that detects various threats on visitors' devices. It must be emphasized that this content is fake, and it is in no way associated with the actual Avira Op
While investigating suspicious websites, our researchers discovered the "TREZOR Assets Might Be At Risk!" phishing scam. Additionally, we found that this scheme is promoted via spam SMSes (smishing). This scam claims that users' Trezor cryptocurrency wallets might be at risk due to a data breach
While inspecting onlymp3[.]to, we found that it is one of the websites offering to download videos from YouTube. Also, it wants to show notifications and uses rogue advertising networks. Thus, users should not trust this page. It is important to note that downloading videos from YouTube may violat
While analyzing the Qwik Bee browser extension, our team learned that it operates as a browser hijacker. The purpose of this app is to promote qwikbee.com - a fake search engine. Qwik Bee hijacks a web browser by manipulating the web browser's settings. Users often download and install/add browser
While examining bilsteringdates[.]com, we found that this site displays adult content, redirects to other shady pages, and asks for permission to show notifications. We discovered bilsteringdates[.]com while analyzing websites that use rogue advertising networks. Pages of this kind should not be a
After inspecting this "Ziraat Bankasi" email, we determined that it is spam. The letter supposedly relates to credit transactions, which require the recipient's approval. It must be emphasized that this email is fake, and it is in no way associated with the real Ziraat Bankasi – a state-owned ban
Upon inspection of this email, it has been determined that it is a scam email. Scammers wrote it with the intention of obtaining sensitive information from the recipients. The email is written in French and includes a link to a phishing site. It is recommended that recipients disregard this email
Upon inspection of this email, we have determined that it has been authored by scammers impersonating an email service provider. The intention of these scammers is to deceive recipients into divulging sensitive information on a phishing site, which is a counterfeit login page. Therefore, we advise
During our analysis of malware samples submitted to VirusTotal, we discovered a ransomware dubbed Doebnank. This ransomware encrypts data, appends ".crypted_doebnank@outhyred_com" to filenames, and drops the "how_to_back_files.html" file (its ransom note). An example of how Doebnank modifies file