BQTLOCK is ransomware designed to prevent victims from accessing/using their files by encrypting them. In addition to locking data, the ransomware appends its extension (".BQTLOCK") to files and provides a ransom note ("READ_ME-NOW_2526968.txt"). Here is an example of how BQTLOCK renames files: it
We have inspected the site (estatex.w3claim[.]xyz) and determined that it promotes a fraudulent airdrop (a cryptocurrency giveaway). Moreover, the page masquerades as the original ExtateX page (estatex.eu) to trick users into "participating" in the airdrop. The fake site should not be trusted to a
We have inspected the email and found that it is fraudulent. It is designed to trick recipients into believing that they have won a large sum of money. Typically, emails of this type are utilized to extract money and (or) personal information from unsuspecting recipients. It is important to recogn
Our inspection of this "Oman Air" email revealed that it is fake. This spam message invites the recipient to participate in a vendor procurement project. It must be emphasized that this fraudulent email is not associated with the actual Oman Air. In most cases, spam campaigns of this kind target s
We have examined the site (elicpse[.]xyz) and found that it is a fraudulent copy of the Humanity Protocol site (humanity.org). The fake site is designed to deceive users into connecting their cryptocurrency wallets, giving scammers the opportunity to steal funds. Identifying and avoiding such fake
Our researchers discovered this fake "Solana" airdrop while inspecting suspicious sites. It masquerades as the Solana blockchain platform (solana.com). The purpose of this imitator page is to deceive users into disclosing their cryptowallet log-in credentials (phishing scam). It is noteworthy that
Our team has inspected the website (alphafi[.]live) and found that it is a copy of the original AlphaFi site (alphafi.xyz). The fake page has a very similar design and is created to steal personal information from individuals. The consequence of falling for this scam can be significant monetary lo
Our researchers found this fake "Pump.fun" site during a routine investigative session. It imitates the official altcoin platform dubbed Pump.fun (pump.fun), and lures users with a sale of the PUMP token. Victims of this scam expose their cryptowallets to a cryptocurrency drainer. IMPORTANT
We have reviewed the site (plasmaxpl[.]xyz) and uncovered that it is a fake site mimicking the original Plasma website (plasma.to). The scammers who created the deceptive one aim to trick users into connecting their wallets, which allows fraudsters to steal cryptocurrency. It is important to recog
While investigating suspicious websites, our research team discovered this fake "Euclid Swap" page (euclidprotocol[.]pro; potentially, other domains). This imitator webpage aims to deceive users into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not review