While investigating suspicious software-promoting websites, we discovered the Capital Buff browser extension. The page endorsing it described this software as an efficiency-increasing tool that has a to-do list widget and is capable of organizing browser bookmarks. After analyzing Capital Buff, w
After inspecting the "Retirement Funds" email, we determined that it is spam operating as a phishing scam. This letter is disguised as a notification from Principal regarding recipients' retirement funds. It must be emphasized that this email is fake, and it is in no way associated with Principal
"Mailbox Quota Exceeded" is a phishing spam campaign. We inspected two email variants belonging to this campaign. Both versions inform recipients that their email account storage quota has been exceeded and needs to be increased. When attempts are made to update the account, users get redirected
We have examined mypcdefenderplus[.]site and found that this is a deceptive page running the "McAfee - Your PC is infected with 5 viruses!" scam. We also noticed that mypcdefenderplus[.]site wants to send notifications. Our team discovered this site while inspecting pages that use rogue advertisin
Our research team found the lilustriousdates[.]net rogue page while investigating untrustworthy websites. It is designed to promote dubious content and spam browser notifications. Furthermore, this webpage can redirect visitors elsewhere (likely unreliable/malicious sites). Most users access page
KEEPCALM is ransomware that we have discovered during an analysis of malware samples submitted to the VirusTotal site. The purpose of KEEPCALM is to encrypt files. Also, it creates the "ReadMe.txt" file (a ransom note) and modifies filenames (appends the victim's ID, josealen@tutanota.com email ad
We have determined that this email is fraudulent and has been written by cybercriminals with the intent of tricking the recipients into infecting their computers. This email is disguised as a letter from IPG Legal, claiming that it has a long overdue invoice attached to it. The purpose of the emai
Captchaforcaptcha[.]top is a rogue webpage that we discovered while checking out suspicious websites. At the time of research, this page had two appearance variants – both designed to promote spam browser notifications. Furthermore, captchaforcaptcha[.]top can redirect visitors to other (likely un
During our investigation of various deceptive web pages (e.g., those offering updates for supposedly outdated software), our team discovered a questionable application called ResultProtocol. Upon installation, ResultProtocol began displaying unwanted advertisements, leading us to classify this a
Our researchers found the Alice ransomware while investigating new malware submissions to VirusTotal. Malicious programs within this classification operate by encrypting data and demanding payment for decryption. After we executed a sample of Alice on our test machine, it encrypted files and appe