While investigating dubious websites, our research team discovered the axischainedge[.]com rogue page. Upon examination, we determined that it operates by promoting browser notification spam and redirecting visitors to different (likely untrustworthy/malicious) sites. Most users access axischained
Our researchers discovered the "Critical Security Alert" scam while inspecting spam emails. This is an affiliate scam that aims to deceive users into downloading or purchasing software by claiming their phones are infected and that their private data is being sent to unknown servers. When
"CrashFix" refers to a social engineering technique intended to infect systems with malware. It is facilitated by a malicious browser extension that crashes the victim's browser and provides fake steps to fix the issue. By following these steps, the victim executes a malicious command on their dev
Happy is a ransomware-type program discovered by our researchers during a routine inspection of new submissions to the VirusTotal website. This malicious program belongs to the MedusaLocker ransomware family. After we executed a sample of malware on our test system, it encrypted files and added a
Evelyn is an information stealer designed to avoid security analysis while it gathers data. The malware can pilfer data such as saved browser passwords, clipboard contents, Wi‑Fi credentials, cryptocurrency wallets, and other information. All stolen information is then sent to the threat actor's c
Our researchers discovered the Lab malicious program while browsing new file submissions to the VirusTotal website. This software is part of the Makop ransomware family. On our test machine, Lab ransomware encrypted files and changed their filenames. Original filenames were appended with a unique
EndRAT is malware that spreads through phishing links designed to look like legitimate advertisements. It is classified as a remote access trojan (RAT) that allows attackers to remotely control infected systems, execute commands, and carry out other malicious activities. If detected on a device, E
We have inspected the website and determined that it is a scam. This fraudulent scheme involves fake warnings designed to trick visitors into contacting scammers. Falling for such scams can lead to consequences such as identity theft, computer infections, or financial losses. This and similar we
We have examined the malware and found it to be ransomware. Our team has discovered Redgov while inspecting malware samples submitted to VirusTotal. Once a system is infiltrated, Redgov encrypts files, appends the ".redgov" extension to files, and drops a ransom note ("!!!_DECRYPT_INFO_!!!.txt").
Our team has examined the malware and concluded that it is ransomware belonging to the Makop family. After execution, Decrypt encrypts files, modifies filenames (by appending the victim's ID and the ".decrypt" extension), changes the desktop wallpaper, and provides a ransom note ("+README-WARNING+