Vantbox[.]com has been found to use a clickbait technique to lure visitors into permitting it to display notifications. Our team discovered vantbox[.]com while researching pages that utilize rogue advertising networks. It is common for users to stumble upon these types of pages accidentally.
Upon reviewing the letter, we found it to be a fraudulent email created by scammers with the intention of tricking recipients into giving away sensitive information. The email is disguised as a message from an email service provider and includes a link to a phishing site. Recipients should ignore
Our examination of malware samples on VirusTotal uncovered the scytaleSECC ransomware, which encrypts files and changes their names by appending the ".scytaleSECC" extension to filenames (e.g., transforming "1.jpg" to "1.jpg.scytaleSECC" and "2.jpg" to "2.jpg.scytaleSECC"). The ransom message is
Onevenadvllc[.]com is a rogue page we discovered while researching untrustworthy websites. It is designed to push browser notification spam and redirect visitors to other (likely unreliable/dangerous) sites. Webpages like onevenadvllc[.]com are most commonly accessed via redirects caused by sites
Mimic is a ransomware-type program. Malware within this classification is designed to encrypt data and demand ransoms for decryption. Evidence suggests that Mimic is based on the leaked CONTI ransomware builder. Mimic campaigns have been observed targeting English and Russian speaking users. Afte
DODO is the name of a malicious program that is classed as ransomware. This malware is designed to encrypt data and demand ransoms for the decryption tools. Once we launched a sample of DODO on our test machine, it encrypted files and changed their filenames by appending them with a ".dodov2" ext
We discovered two email variants belonging to the "Mailbox Full" spam campaign. These letters make false claims regarding the recipients' email accounts. This spam mail aims to trick them into visiting phishing websites that imitate legitimate email account sign-in pages. One of the spam e
Our examination of the Quick Pic Download browser extension revealed that it shows intrusive ads, leading us to classify it as adware. Adware is commonly promoted and distributed using misleading or questionable practices. We discovered the Quick Pic Download app on a shady website. Quick
LockBit Green is ransomware that encrypts the victim's data, appends a random extension to filenames of all encrypted files, and drops the "!!!-Restore-My-Files-!!!.txt" file containing a ransom note. It is known that LockBit Green is based on Conti ransomware. An example of how LockBit Green ren
While investigating suspicious websites, our researchers discovered the Nautica browser extension. This piece of rogue software operates as a browser hijacker – modifies browser settings, causes redirects, and spies on users' browsing activity. Browser hijackers typically promote fake sear