We analyzed this email and found it to be malspam. The message poses as a shipping notification, urging recipients to click a link to check their order and tracking details. The link leads to a fraudulent website that silently downloads a trojanized remote access tool onto the visitor's device. Th
We have examined this email and determined it is a phishing scam. The message is disguised as an urgent security notice from an internal IT team, urging recipients to verify their email account ownership. It should be ignored to avoid having email credentials stolen by cybercriminals. The
We have examined this email and determined it is a scam. It is crafted to appear as a business inquiry from a LinkedIn buyer, complete with what claims to be a signed contract attachment. The file attached is a malicious HTML document that, when opened, displays a fake LinkedIn login page designed
Gines is ransomware belonging to the Makop family. We discovered it while examining new malware samples submitted to the VirusTotal website. It encrypts files, appends a complex extension to their filenames, drops a ransom note, and changes the desktop wallpaper. On our test machine, Gines append
During our investigation of suspicious cryptocurrency sites, our team came across apyx[.]team - a fraudulent page promoting a fake "APYX Token Launch" voting event. The site claims visitors can earn rewards by casting a "Genesis Vote," but it is actually designed to steal cryptocurrency by trickin
Our researchers discovered zenithflowrentix.co[.]in while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Zenithflowrentix.co[.]in presents visito
Our analysis has revealed that pointlabsgrowth[.]com is designed to trick visitors into agreeing to receive browser notifications. The website uses a fake reCAPTCHA verification message as a lure. If permitted, pointlabsgrowth[.]com can deliver fake security warnings and other misleading notificat
Our research team found the labsgrowthworks[.]com rogue page while investigating suspicious websites. After examining this webpage, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable or dangerous) sites. labsgrowthworks[.]com uses a
Banana RAT is a banking Remote Access Trojan (RAT) that targets people who bank in Brazil. According to research by Trend Micro, the malware lets attackers watch the victim's screen in real time, take over the keyboard and mouse, log keystrokes, and overlay fake bank or Windows Update screens whil
Our researchers discovered boutonaassly[.]com while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Boutonaassly[.]com displays a plain black page