StarFire ransomware is a file-encrypting malware. The ransomware takes users’ files hostage by encrypting them and demands payment for a decryptor to recover them. The malware can be identified by the .Celestial extension added to encrypted files. If your files have that extension, you will not be able to open them until you put them through a decryptor. However, the…
ARCH WIPER ransomware is a type of malware that encrypts files. The malware is either still in development and is currently being tested, or its operators are simply trying to cause damage as they do not offer a decryptor. That is unusual for ransomware, as operators usually try to sell the decryptor so they can make money. In this case,…
The “Message Restriction Activity” email is part of a phishing campaign that tries to trick users into disclosing their email login credentials. The email claims that 5 new emails have not been delivered to users’ inboxes for unspecified reasons. If users want to get the emails, they are asked to click on the provided button. However, doing that would lead users…
The “Flare Airdrop” crypto scam refers to a scam that imitates the legitimate Flare platform to trick users into connecting their digital wallets to a malicious site. The main goal of these types of scams is to get users to initiate crypto drainers that would steal all the funds in the digital wallets. Flare is a legitimate base-layer blockchain that allows…
Midnight ransomware is a file-encrypting malicious program that takes files hostage by encrypting them. The malware uses military-grade encryption to encrypt files, making them unopenable. When files are encrypted, an extension is added to them, which is .midnight in this case. This allows users to identify both which files have been encrypted and what ransomware specifically they are dealing with.…
The “Hinkal” crypto scam refers to scams that imitate Hinkal, a legitimate crypto platform. Malicious actors have created an imitation site app-hinkal.cyou, that asks users to connect to their digital wallets. The legitimate Hinkal website is hinkal.pro. If users connect their digital wallets on the scam site, they will initiate a crypto drainer that will make unauthorized transfers and eventually drain…
Datarip ransomware is file-encrypting malware from the MedusaLocker family. This type of malware takes files hostage by encrypting them and demands payment for their recovery. Files encrypted by Datarip ransomware can be identified by the .datarip extension added to encrypted files. Unfortunately, files having that extension indicates that they have been encrypted and cannot be opened. Such files need to be…
ARROW ransomware will take your files hostage as it’s a file-encrypting malware. You can recognize when you’re dealing with this particular ransomware when encrypted files have the .ARROW extension added to them. Unfortunately, you will not be able to open files that have this extension unless you first use a decryptor on them. However, acquiring the decryptor will not be…
The “Account Review Report” email falls into the phishing category as it tries to phish users’ email login credentials. The email is disguised as a notification from the email service provider about recipients needing to take action to prevent restricted access to their accounts. Supposedly, users’ passwords are about to expire, and they need to choose either to keep the same…
The “HEX Airdrop” scam refers to an attempt to steal users’ cryptocurrencies by imitating the legitimate Hex website. Hex is a legitimate blockchain-based certificate of deposit (CD) system, with hex.com as the official website. To take advantage of Hex’s popularity, malicious actors have created an imitation site (events-hex.net) that tries to trick users into connecting their digital wallets and initiating a…