Ransomwarebit is ransomware that our malware researchers have discovered while inspecting samples submitted to the VirusTotal website. We found that Ransomwarebit encrypts files, modifies filenames, and creates the "Restore_Your_Files.txt" text file (a ransom note). Ransomwarebit modifies filenam
Our research team discovered the trands[.]click rogue page during a routine inspection of suspicious websites. It runs scams, promotes spam browser notifications, and redirects visitors to other (likely untrustworthy/harmful) sites. Most users enter trands[.]click and pages akin to it – through r
Goadsnetwork[.]com is a deceptive website we found while investigating websites that use rogue advertising networks. Goadsnetwork[.]com displays deceptive content (a fake CAPTCHA) to deceive visitors into agreeing to notifications. Also, goadsnetwork[.]com may lead to other shady websites.
Our team investigated captchatoday[.]top and discovered that it displays a deceptive message (employs a clickbait tactic) to entice visitors into agreeing to receive notifications. We also found that captchatoday[.]top redirects to other unreliable pages. This website should be avoided and never p
While investigating untrustworthy webpages, our researchers discovered the unlimdate[.]com rogue site. It operates by promoting dubious/deceptive content and browser notification spam. Furthermore, this page can redirect visitors to other (likely unreliable/dangerous) websites. Users typically ac
Vantbox[.]com has been found to use a clickbait technique to lure visitors into permitting it to display notifications. Our team discovered vantbox[.]com while researching pages that utilize rogue advertising networks. It is common for users to stumble upon these types of pages accidentally.
Upon reviewing the letter, we found it to be a fraudulent email created by scammers with the intention of tricking recipients into giving away sensitive information. The email is disguised as a message from an email service provider and includes a link to a phishing site. Recipients should ignore
Our examination of malware samples on VirusTotal uncovered the scytaleSECC ransomware, which encrypts files and changes their names by appending the ".scytaleSECC" extension to filenames (e.g., transforming "1.jpg" to "1.jpg.scytaleSECC" and "2.jpg" to "2.jpg.scytaleSECC"). The ransom message is
Onevenadvllc[.]com is a rogue page we discovered while researching untrustworthy websites. It is designed to push browser notification spam and redirect visitors to other (likely unreliable/dangerous) sites. Webpages like onevenadvllc[.]com are most commonly accessed via redirects caused by sites
Mimic is a ransomware-type program. Malware within this classification is designed to encrypt data and demand ransoms for decryption. Evidence suggests that Mimic is based on the leaked CONTI ransomware builder. Mimic campaigns have been observed targeting English and Russian speaking users. Afte