After examining the letter, we have determined that it is a deceptive email designed by scammers to deceive recipients into divulging sensitive information. The email is disguised as a message from an HR department and contains a link to a phishing website. It is recommended that recipients disreg
Money Message is ransomware that encrypts files and creates a ransom note ("money_message.log" file). Unlike most ransomware variants, Money Message does not rename files (it does not append its extension to filenames). Cybercriminals use Money Message to extort money from victims. Screenshot
Rn is ransomware that uses encryption to prevent victims from accessing their files. In addition to encrypting files, Rn appends the ".rn" extension to filenames and changes the desktop wallpaper to a ransom note. An example of how Rn modifies filenames: it renames "1.jpg" to "1.jpg.rn", "2.png" t
After downloading and installing ArchiveTask, our team found that its primary purpose is to display annoying advertisements, which prompted us to categorize it as adware. It is worth noting that users often unknowingly download and install adware, without realizing what this software does.
The purpose of grakorte[.]com is to trick visitors into agreeing to receive notifications from it. Additionally, grakorte[.]com may redirect visitors to other untrustworthy pages. Our team discovered grakorte[.]com while inspecting web pages that utilize rogue advertising networks. Grakort
We inspected yourcoolwords[.]com and found that this page presents a deceptive message to lure visitors into allowing it to show/send notifications. Also, yourcoolwords[.]com redirects visitors to other websites. We encountered yourcoolwords[.]com while exploring sites that use shady advertising n
Hairysquid is ransomware that encrypts files and appends the ".Hairysquid" extension to the filenames of the encrypted files. Hairysquid is a new variant of the Mimic ransomware. In addition to encrypting files, Hairysquid creates a ransom note (the "READ_ME_DECRYPTION_HAIRYSQUID.txt" file). An e
Upon downloading and installing PromotePower, our team discovered that its main function is to display bothersome advertisements, leading us to classify it as adware. It is important to note that users often unwittingly download and install adware without understanding the potential consequences
While examining the SAI assistant browser extension, we noticed that it modifies the settings of a web browser to promote a fake search engine (search.extjourney.com). Thus, we classified AI assistant as browser hijacker. Additionally, AI assistant can read various data. Users should not download
Sus is ransomware that our team discovered while checking malware samples submitted to the VirusTotal page. We found that Sus is based on Chaos ransomware. Sus encrypts data, appends the ".sus" extension to filenames of all encrypted files, and drops a ransom note (the "read_it.txt" file). An exa