Our researchers discovered this "$TRUMP Token Distribution" scam while investigating suspicious websites. The fake page claims to be distributing Trump tokens. The goal of this scam is to trick users into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not r
Our analysis of searchonsite.com has revealed that it is a fake search engine promoted through an unwanted browser extension (a browser hijacker) known as SearchOnSite. The site itself does not generate search results, and the extension associated with it appears to offer no real value to users. T
Numec is ransomware that our team has discovered while examining malware samples uploaded to the VirusTotal platform. This ransomware encrypts files and puts them in the "EncryptedFiles" folder on the victim's desktop. Also, Numec drops its ransom note ("GetFilesBack.txt") and appends the ".numec"
We have analyzed aceadepreltitip.co[.]in and found that it is an untrustworthy web page created to trick visitors into permitting it to deliver notifications to their devices. If aceadepreltitip.co[.]in is allowed to show notifications, it sends fake warnings and other deceptive messages.
During our analysis of naceling[.]com, we noticed that the site employs a misleading tactic to obtain permission to show notifications. If users agree to receive these notifications, naceling[.]com bombards them with fake alerts and other deceptive content. Thus, naceling[.]com should be avoided a
Our researchers discovered mesodefender.co[.]in while investigating dubious websites. Upon examination, we determined that this rogue page endorses browser notification spam and redirects users to other (likely deceptive/malicious) sites. Most visitors access mesodefender.co[.]in and analogous web
After investigating "Mailbox Capacity Reduced", we determined that it is a phishing email. This message claims that the recipient's mailbox capacity has been reduced. When an attempt to restore the account is made, the recipient is deceived into disclosing their email log-in credentials. T
After inspecting this "Reviewing Account To Improve Server Effectiveness And Security" email, we learned that it is spam. This message is presented as an effort by a mail service provider to reduce the number of inactive email accounts. This spam campaign aims to trick recipients into revealing th
While inspecting new malware submissions to VirusTotal, our research team discovered Crone ransomware. This malicious program is designed to encrypt data and demand payment for the decryption. On our testing system, Crone encrypted files and added a ".crone" extension to their filenames. To elabo
Warning is ransomware belonging to the GlobeImposter family. We discovered it during our routine inspection of malware samples uploaded to VirusTotal. Our analysis shows that Warning encrypts files and appends ".warning!_16" (its extension) to them. The ransomware also creates a ransom note ("HOW_