While inspecting dubious advertisements, our researchers discovered "ARK Invest Crypto Giveaway". It follows the classical model of cryptocurrency giveaway scams. "ARK Invest Crypto Giveaway" promises double the return on the Bitcoin and/or Ethereum cryptocurrencies that users contribute to it. It
While inspecting new malware submissions to VirusTotal, our research team discovered a ransomware called Ryuk. We determined that this program is part of the Chaos ransomware family. After executing a sample of it on our test system, we learned that it encrypts files and appends their filenames w
Victorysweepstakes[.]com is a deceptive page designed to trick visitors into providing information and allowing it to show notifications. We have discovered the victorysweepstakes[.]com page while examining other pages that use rogue advertising networks. It is uncommon for pages like victorysweep
Web Ad Block is a browser extension that our research team discovered while inspecting dubious download webpages. This piece of software promises to block advertisements on the YouTube video-hosting platform. However, our analysis revealed that instead of removing ads, this extension displays the
Win-scan[.]com is a rogue webpage that our researchers discovered while inspecting dubious sites. It promotes scams, pushes browser notification spam, and redirects visitors to different (likely untrustworthy/dangerous) websites. Users typically access sites like win-scan[.]com via redirects cause
WheelInstant is a rogue application that our researchers found while inspecting new submissions to VirusTotal. Our analysis of this app revealed that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family. Adware is designed to display ads (e.g.,
While inspecting untrustworthy sites, our researchers discovered the shield-fordesktop[.]com webpage. It operates by promoting deceptive material (scams), pushing browser notification spam, and redirecting visitors to other (likely dubious/malicious) pages. Most users enter sites like shield-ford
While inspecting spam browser notifications, our research team found the "FedEx PACKAGE WAITING" scam. This scheme operates as a phishing scam, with the additional goal of tricking victims into subscribing to a paid service. It must be emphasized that all the claims made by this scam are false, a
While inspecting sites that use rogue advertising networks, our researchers discovered the "Win A New iPhone 13" scam. It operates as a phishing scam and may also attempt to extract money from victims under the guise of subscription fees. The scam claims that users have the chance to win a
CryptoWallet Address Replacing Virus refers to a system infection with a malicious program, which has clipper functionalities. Clippers (also known as clipboard hijackers) are designed to change the data copied into the clipboard. In this article we will analyze clippers designed to replace copie