Our research team discovered the broadmaster[.]top rogue webpage during a routine investigation of questionable websites. This page aims to trick visitors into allowing it to deliver spam browser notifications. At the time of research, it did so by using fake CAPTCHA verification. Users typically
We have examined gazpachuisthree[.]xyz and learned that it is a deceptive website that shows fake messages to trick visitors into believing that their computers are infected. Also, gazpachuisthree[.]xyz wants to show notifications. Users do not visit sites like gazpachuisthree[.]xyz willingly.
While analyzing this email, we found that it is a fake letter from USPS created by scammers. Scammers behind it aim to trick recipients into opening a fake login page and entering credentials on it. Emails of this type are called phishing emails. This scam email is disguised as a reminder
While checking the VirusTotal website for recently submitted samples, we discovered malware dubbed Septwolves. We learned that Septwolves is ransomware designed to encrypt files, append the ".septwolves" extension to filenames, and drop two ransom notes ("RESTORE_FILES_INFO.txt" and "RESTORE_FILES
While inspecting new submissions to VirusTotal, our researchers discovered the 4AGcf ransomware. This malicious program is part of the Babuk ransomware family. After we executed a sample of this ransomware on our test machine, it encrypted files and appended their filenames with a ".4AGcf" extens
Our team has examined securityguardplus[.]site and found that this page uses deceptive marketing to promote legitimate antivirus software. It shows deceptive messages to trick visitors into believing that their computers might be infected. We determined that securityguardplus[.]site runs the "Nort
Our inspection of the "Mailbox Cache Is Full" email revealed that it is spam. This mail operates as a phishing scam targeting recipients' email account log-in credentials (passwords). These spam emails claim that the mailbox cache must be cleared so that the account could operate without problems.
After downloading and adding the Word Replace And Load application to a web browser, we learned that this extension shows intrusive advertisements. Software that displays ads is classified as adware. Our team discovered Word Replace And Load while examining deceptive websites. Advertising-
RYKCRYPT is one of the ransomware variants belonging to a ransomware family called VoidCrypt. We discovered RYKCRYPT while checking the VirusTotal website for recently submitted malware samples. RYKCRYPT is ransomware that encrypts files, provides a ransom note (creates the "unlock-info.txt" file)
While analyzing store-notifications[.]online, our team learned that this is a deceptive page that shows a fake message to trick visitors into downloading a certain application. We discovered store-notifications[.]online while inspecting shady ads and other pages of this kind. Store-notifications