After analyzing the "ShenZhen A&E" email, our research team determined that it is spam intended to infect recipients' devices with malware. This letter claims that a massive sum has been transferred to the recipient's bank account and requests them to consult the attached payment slip. Once o
While inspecting rogue sites, our researchers discovered the onlineshield[.]info webpage. It loads deceptive content, promotes browser notification spam, and redirects visitors to other (likely dubious/malicious) pages. Onlineshield[.]info and similar websites are rarely accessed intentionally. Mo
Moon Browser is the name of a Chromium-based browser. After testing this browser, we found that it promotes the feed.moonbrowser.com address. Feed.moonbrowser.com is a fake search engine. Thus, it is recommended not to use it as a tool to browse the Internet and avoid using browsers (and other a
During a routine inspection of shady websites, our researchers discovered the "You've made the 16.39-billionth search!" scam. It uses content (names/graphics) associated with the Google search engine, thereby implying that this reward is given or sponsored by Google LLC. In fact, this scam is in n
We have discovered the CommonLocator application while examining various shady websites. Once installed, it starts displaying annoying advertisements. Therefore, our team has concluded that CommonLocator is typical adware. It is not recommended to have any adware installed on browsers or compute
Venom is the name of a ransomware-type program, which our researchers found while inspecting new malware submissions to VirusTotal. We learned that Venom belongs to the ZEPPELIN ransomware family. On our test system, this malicious program encrypted files and appended their filenames with the ".v
Window-save[.]com is a deceptive page running the "You've Visited Illegal Infected Website" scam and asking for permission to deliver notifications. We have discovered it while examining other sites that use rogue advertising networks. Websites like window-save[.]com can never be trusted and shoul
Noctua is a ransomware variant belonging to the Makop ransomware family. Our team has discovered this variant during the analysis of malware samples submitted to VirusTotal. It was found that Noctua encrypts files and appends a string of random characters, the noctua0302@goat.si email address, and
"Your phone is severly damaged by viruses" is a scam that our research team discovered while inspecting rogue websites. It claims that the visitor's mobile device has suffered damage from viruses and urges them to renew their McAfee anti-virus subscription. It must be emphasized that all these cl
We have discovered the womenlifewellness[.]com page during the analysis of various torrent pages, illegal movie steaming, and other sites that use shady advertising networks. It is an untrustworthy page that runs some health fraud scam and asks for permission to show notifications. The cre