Our research team found the RestoreMyData ransomware during a routine review of new malware submissions to the VirusTotal website. Programs within the ransomware classification encrypt data and demand payment for its decryption. On our test machine, RestoreMyData encrypted files and appended thei
Our inspection of the "RITCHMEN (S) PTE LTD" email revealed that it is spam. This message claims that the recipient has been sent an invoice and is requested to confirm the payment. It must be emphasized that this spam campaign is not associated with any legitimate entities. This email aims to lur
Our researchers discovered the Level ransomware while browsing new submissions to VirusTotal. This program is part of the Babuk ransomware family. Ransomware operates by encrypting data and demanding ransoms for the decryption. On our testing system, Level encrypted files and added a ".level" ext
Our team found that axishankylic[.]com attempts to deceive users into allowing it to show notifications. After gaining permission, it can push misleading alerts that lead to questionable and potentially malicious sites. Users should avoid axishankylic[.]co and close it immediately if they land on
During a routine investigation, we found the search-redirect.com fake search engine. Usually, websites of this kind cannot provide search results and redirect to legitimate Internet search sites. Search engines like search-redirect.com are commonly promoted (via redirects) by browser hijackers.
Our inspection has shown that stylethreadhub[.]com runs the "Norton Security - Your Pc Is Infected With 5 Viruses!" scam and requests permission to show notifications. Allowing websites like stylethreadhub[.]com to send notifications can expose users to more scams and other online threats. Thus, s
After reviewing this "You Have Exhausted All Of Your Available Email Storage" message, we determined that it is fake. This spam email recommends that the recipient submit a request for more mailbox storage space. This campaign's goal is to deceive recipients into disclosing their email account log
Our analysis revealed that troxalioutarbah[.]com is designed to trick users into enabling browser notifications. Once permission is granted, the site can deliver deceptive alerts and messages that direct users to untrustworthy or potentially harmful websites. Users should avoid visiting troxaliout
We have inspected the site and found that it runs a pop-up scam involving deceptive messages posing as Microsoft alerts. Usually, scammers behind such schemes aim to trick visitors into calling the provided fake technical support number. Falling for this scam can lead to monetary loss, computer in
We have inspected Jackpot and found that it is ransomware from the MedusaLocker family. We discovered this ransomware during an examination of malware samples submitted to VirusTotal. Once executed, Jackpot encrypts and renames files, changes the desktop wallpaper, and provides a ransom note ("REA