Buybackdate is a ransomware that our researchers found while checking out new submissions to VirusTotal. This malicious program belongs to the ZEPPELIN ransomware family. After we executed a sample of Buybackdate on our test system, it encrypted files and appended their names with a ".bbd2.[victi
lifetimedesktopdefence[.]online is one of the deceptive websites designed to trick visitors into purchasing antivirus software. We examined this site and learned that it runs the "Norton Security - Your PC might be infected with viruses!" scam. Our team discovered lifetimedesktopdefence[.]online w
After investigating this email, we found that it is written by cybercriminals who seek to trick recipients into infecting their computers. This email is disguised as a letter from the Werth company regarding payment confirmation. Threat actors use this email to lure recipients into opening a malic
While investigating suspicious websites, our researchers found one running the "Norton - Your Phone May Be Receiving Many Spam Texts" scam. It is presented as an alert from the Norton anti-virus. The fake notification warns that the visitor's phone may be receiving spam and all data might be lost
Prestige is ransomware - malware that prevents victims from accessing (opening) their files by encrypting them. Additionally, Prestige appends the ".enc" extension to filenames and drops the "README" file containing a ransom note. An example of how this ransomware modifies filenames: it renames "1
Our researchers discovered the milipili[.]click rogue page while inspecting suspect websites. It promotes deceptive content, pushes spam browser notifications, and redirects visitors to different (likely untrustworthy/malicious) sites. Most users enter milipili[.]click and similar websites via red
ActiveLink is a rogue application that our research team found while checking out new submissions to VirusTotal. Our inspection of this app revealed that it is advertising-supported software (adware). Additionally, it is noteworthy that ActiveLink is part of the AdLoad malware family. Ad
We examined time-delta[.]xyz and learned that it displays deceptive content to trick visitors into allowing it to show notifications. Also, it redirects visitors to other untrustworthy pages. We discovered time-delta[.]xyz while inspecting pages that use rogue advertising networks. Typically, user
SchoolBoys is the name of a ransomware-type program that encrypts files and demands payment for the decryption. It is based on the leaked LockBit 3.0 builder - hence, SchoolBoys is virtually identical to this ransomware. The findings of BleepingComputer's researchers revealed that the cyber crimi
We examined this email and found that it is designed to steal personal information from recipients. Emails of this type are called phishing emails. Scammers use them to obtain sensitive information, such as credit card details, login credentials, or other info, by disguising themselves as legitima