Upon examining this letter, we have determined that it is a fraudulent email composed by scammers with the intention of tricking recipients into divulging sensitive information. The email is disguised as a message from an email service provider and includes a hyperlink to a phishing website. It is
While examining malware samples submitted to VirusTotal, we discovered a ransomware variant based on Chaos ransomware dubbed SkullLocker. This ransomware encrypts files, creates the "read_it.txt" file (a ransom note), and appends the ".skull" extension to filenames. An example of how SkullLocker
Blacksnaketeam is a ransomware-type program designed to encrypt data and demand payment for its decryption. When we executed a sample of Blacksnaketeam on our test machine, it began encrypting files. The filenames of affected files were appended with a ".pay2unlock" extension. For example, a file
Our team has examined factor1right[.]com and found that this site offers to download a malicious file and asks for permission to send notifications. We discovered factor1right[.]com while inspecting pages that use shady advertising networks. Usually, users access sites like factor1right[.]com inad
During our analysis of the My Cloud Tab browser extension, our team discovered that it functions as a browser hijacker. The primary objective of this application is to promote search.mycloudtab.com, a bogus search engine. My Cloud Tab achieves browser hijacking by manipulating the browser's settin
We have examined this email and found that it is a phishing letter. Emails of this type are fraudulent emails sent by cybercriminals with the intention of tricking the recipient into revealing sensitive information such as login credentials or other personal data. In this case, the phishing email
Our researchers discovered the worldcommonjournal[.]com rogue page while investigating dubious websites. It is designed to promote browser notification spam and redirect users to other (likely unreliable/dangerous) sites. Visitors to worldcommonjournal[.]com and pages akin to it – primarily acces
Our research team discovered an installer containing the Tidings application while inspecting deceptive websites. After analyzing this app, we determined that it is advertising-supported software (adware). Tidings operates by displaying ads, and it may have additional harmful abilities. Ad
While investigating deceptive sites, our research team discovered the GPT Search Navigator browser extension. It promises to improve users' Google searches. Our inspection of this extension revealed that GPT Search Navigator is a browser hijacker promoting the ask.gptsearchnavigator.com fake searc
Our research team discovered the 726 ransomware during a routine inspection of new submissions to VirusTotal. It is designed to encrypt data and demand ransoms for decryption. After we executed a sample of 726 on our test system, the ransomware appended the files it encrypted with a "..726" exten