While examining expocaptcha[.]top, we have found that it shows a deceptive message to trick visitors into agreeing to receive notifications. We have discovered expocaptcha[.]top while inspecting pages that use shady advertising networks. Users do not visit sites like expocaptcha[.]top on purpose.
Black Hunt is ransomware that blocks access to files by encrypting them, modifies filenames of all encrypted files, changes the desktop wallpaper, and drops "#BlackHunt_ReadMe.hta" and "#BlackHunt_ReadMe.txt" files (ransom notes). Black Hunt appends the victim's ID, sentafe@rape.lol email address
While examining samples submitted to VirusTotal, our malware researchers discovered Magic ransomware. We have found that this ransomware belongs to the Phobos family. Magic encrypts data, and appends the victim's ID, midnight@email.tg email address, and the ".magic" extension to filenames. Also,
We have examined venadvonline[.]com and found that it is a shady website designed to lure visitors into allowing it to show notifications. Venadvonline[.]com uses a clickbait technique to receive permission to show notifications. Also, venadvonline[.]com redirects to other untrustworthy web pages.
We have examined this scam and determined that it is a survey scam used to trick visitors into providing personal information and (or) transferring money. The page running this scam is disguised as a survey held by Tesco - a groceries and merchandise retailer. People who fall for such scams never
After testing the Streaming Downloader application, our team found that it operates as an advertising-supported application - it shows annoying (intrusive) advertisements. We discovered Streaming Downloader while inspecting numerous deceptive web pages. Apps that display ads and are promoted via d
It is a fake message displayed by a deceptive website designed to trick visitors into calling a fake technical support number. The website running this scam is disguised as a legitimate Microsoft site. Scammers behind it may try to extract personal information or money or use it for other maliciou
Hvzgbo is ransomware belonging to the Snatch family. It encrypts files, appends the ".hvzgbo" extension to filenames of all encrypted files, and drops the "HOW TO RESTORE YOUR FILES.TXT" file (a ransom note). Our malware researchers discovered Hvzgbo ransomware while examining samples submitted to
While analyzing genuinescansupport[.]com, we learned that it uses deceptive marketing (displays fake messages) to promote legitimate software. Also, genuinescansupport[.]com wants to show notifications. Shady pages should never be allowed to show notifications. We discovered genuinescansupport[.]c
FateGrab is the name of an information-stealing malware distributed along with another stealer called StealDeal. Threat actors deliver these malicious programs via email (they use a compromised email address for malware distribution) and messengers. Both FateGrab and StealDeal should be removed fr