Raptum is ransomware from the MedusaLocker family. Our discovery of Raptum occurred during an inspection of malware samples submitted to VirusTotal. This ransomware encrypts files and appends the ".raptum46" extension (the number in the extension might vary). It also generates a ransom note ("RECO
Our examination of exallambous[.]com has revealed that the page uses clickbait, a deceptive method, to trick visitors into agreeing to get its notifications. If users accept those notifications, they can be lured into scam sites and other unreliable pages. Thus, it is highly advisable not to trust
We have reviewed deshystria[.]com and concluded that it is a deceptive website. It presents a misleading message designed to trick visitors into agreeing to receive its notifications. If allowed, deshystria[.]com can deliver fake warnings and similar messages. Users should not trust deshystria[.]c
Our inspection of unutcacer[.]com indicates that the site uses clickbait to get visitors to enable its notifications. Once activated, these notifications may direct users to unreliable or potentially harmful websites. Users are advised to remain cautious and avoid following any instructions provid
Our analysis of kinerbum[.]com shows that it relies on clickbait to persuade visitors to allow notifications. Once these notifications are enabled, they can be used to trick users into opening unreliable and potentially harmful websites. It is best to stay cautious when encountering pages like kin
We have examined the page and discovered that it runs a technical support scam. The site displays fake warnings to trick visitors into following the provided instructions. Falling for such scams can lead to various problems, including account hijacking, computer infections, and monetary loss. This
Our team has analysed the malware and determined that it is ransomware. We discovered Immigration ransomware while inspecting malware samples uploaded to VirusTotal. After execution, it encrypts files, creates the "WHATS_HAPPEND.txt" file (a ransom note), and appends the ".eimmigration" extension
Massiv is a banking Trojan aimed at Android devices. It allows threat actors to take control of infected phones and carry out fraudulent transactions from the victim's bank accounts. Cybercriminals disguise Massiv as IPTV apps to trick users searching for online TV services. If detected on a devic
We analyzed cynovira[.]com and found that it uses clickbait to lure visitors into enabling notifications. These notifications may show misleading content and direct users to untrustworthy websites. Users should be cautious with sites like cynovira[.]com and avoid following the instructions they pr
PromptSpy is an Android malware that uses generative AI for persistence. It uses Google Gemini to analyze what appears on the infected device's screen and determine how to remain active in the recent apps list. This helps the malware keep running in the background. Its main goal is to install a VN