During a routine investigation of untrustworthy sites, we discovered the oratefinauknceiwo[.]com rogue page. It is designed to promote dubious content and spam browser notifications. Furthermore, it can redirect visitors to other (likely unreliable/hazardous) websites. Most visitors to oratefinau
Our research team discovered the "Your McAfee Subscription Is Out Of Date" scam while investigating rogue websites. This deceptive content makes false claims regarding infections on the user's device. Typically, scams of this type are used to promote untrustworthy/harmful software. It must be str
Our inspection of the "Ledger Wallet Has Been Suspended Due To Suspicious Activity" email revealed that it is spam. This letter is presented as a notification regarding the suspension of the recipient's cryptocurrency wallet. It must be emphasized that this email is a scam, and it is not associate
While examining new submissions to the VirusTotal website, our researchers discovered the btc-A ransomware. This malicious program belongs to the Xorist ransomware family. When we launched a sample of this ransomware on our test system, it encrypted files and appended their titles with a ".btc-Ap
Our research team found the Amazon Rain Forest - New Tab Search browser extension while investigating deceptive webpages. This extension is endorsed as a tool that displays browser wallpapers depicting the Amazon rainforest. After analyzing this piece of software, we determined that it is a brows
Convert Page to PDF browser extension is advertised as a tool that allows users to convert a web page into a PDF file simply by clicking on its icon. However, during our examination, we noticed that Convert Page to PDF app displays annoying advertisements. Thus, we classified this program as adwar
Upon analyzing the email, our team has determined that its purpose is to trick recipients into revealing their personal information. Such letters are called phishing emails. The email in question urges recipients to review certain documents, but in reality, it is a fraudulent message that should b
GAZPROM is a malicious program that uses CONTI ransomware's code. Malware within the ransomware classification operates by encrypting data for the purpose of demanding ransom for its decryption. After we executed a sample of GAZPROM on our testing system, it encrypted files and appended their fil
Upon examining this email, we have discovered that it is a phishing scam that masquerades as a notification from the South African Post Office. The objective of this fraudulent email is to trick the recipients into accessing a bogus website and divulging their personal information. Therefore, it i
Rec_rans is the name of malware that operates as ransomware. Our team discovered it while examining malware samples on VirusTotal. Rec_rans encrypts files on the infected computer, changes the desktop wallpaper, drops the "HOW_TO_RECOVERY_FILES.txt" file containing a ransom note, and adds the ".re