While inspecting dubious websites, our research team discovered the "Apple Security Center" tech support scam that targets Apple device users. Schemes of this kind trick victims into calling fake support lines by making claims about nonexistent system infections. When we investigated a web
After analyzing this email, we concluded that it is a phishing email used to trick recipients into providing personal information. It masquerades as a warning message from the email service provider. This email contains a link designed to open a deceptive page. This letter claims that reci
Our analysis of the "Windows Defender Subscription" email revealed that it is spam. This fake letter is presented as a notification regarding the purchase of a one-year subscription for the Windows Defender security software. It must be emphasized that this is a scam, and it is in no way associat
After examining imilroshoors[.]com, we learned that the purpose of this page is to trick visitors into agreeing to receive notifications and redirect them to other pages. We discovered imilroshoors[.]com while inspecting other pages (websites that use rogue advertising networks). Such pages do not
Captchastate[.]link is a rogue webpage that promotes browser notification spam and redirects visitors to other (likely dubious/malicious) sites. Our researchers found this page while inspecting websites that use rogue advertising networks. It is noteworthy that the redirects caused by such sites
Oiltraffic is ransomware that our team discovered while analyzing malware samples submitted to the VirusTotal website. We learned that Oiltraffic is part of the VoidCrypt family. It encrypts files, appends the victim's ID, lokilocker@tutanota.com email address, and ".Oiltraffic" extension to filen
AdjustableRotator is a rogue application that our researchers discovered during a routine investigation of new submissions to VirusTotal. Our analysis of this app revealed that it works as advertising-supported software (adware). We also determined that AdjustableRotator belongs to the AdLoad ma
After examining the VibeProfile application, we learned that it displays annoying advertisements and can read sensitive information. We found this app on a deceptive page claiming that some installed software is out of date. Apps that generate advertisements are classified as adware. In most cas
Cceo is ransomware. It encrypts files and appends the ".cceo" extension to filenames. Also, it creates the "_readme.txt" file that contains instructions on how to contact the attackers and some other details. Our malware researchers discovered Cceo while checking the VirusTotal page for recently s
Pushmestar[.]com is one of the deceptive web pages designed to display a fake CAPTCHA to trick visitors into agreeing to receive notifications from the page. Also, pushmestar[.]com redirects to a page with an identical design. We discovered this site while examining other websites that use rogue a