While testing Traiolx Custom Utils, we discovered that it does not offer any features to users. Moreover, it contains a malware loader called Legion Loader and other unwanted components. Installing Traiolx Custom Utils can lead to computer infections and other issues. Thus, users should avoid inst
Our team has examined Helper (malware we discovered while inspecting samples uploaded to VirusTotal) and concluded that it is ransomware. Once infiltrated, Helper encrypts files and provides a ransom note ("README.TXT"). It also modifies filenames by appending the victim's ID and the ".helper" ext
In our analysis of ecoaturicudses[.]com, we found that this website uses clickbait to lure users into consenting to get notifications from it. Once this permission is given, ecoaturicudses[.]com starts sending fake warnings, alerts, and other deceptive messages. This page can expose users to scams
Our analysis of the site (pepeofmind[.]com) has uncovered that it is fake. This page is a copy of the original MIND of Pepe website (mindofpepe.com). It is created to deceive unsuspecting individuals into taking actions that allow scammers to steal their cryptocurrency. If encountered, this page s
While inspecting untrustworthy sites, our researchers discovered the inj-protect[.]pro rogue webpage. It endorses spam browser notifications and generates redirects to different (likely dubious/dangerous) websites. The majority of visitors to inj-protect[.]pro and similar pages access them through
While examining suspicious websites, our researchers discovered this fake "Atomic Wallet" page. It masquerades as the official site (atomicwallet.io). This is a phishing scam, i.e., the imitator webpage seeks to extract users' digital wallet log-in credentials. IMPORTANT NOTE: We do not revi
During a routine investigative session, our researchers discovered this fake Vulcan website (role-app[.]net; potentially others). It impersonates the official Vulcan site (vulcan.xyz) and encourages users to connect their digital wallets to receive a role and gain privileges. This scam operates as
CyberVolk BlackEye is a ransomware-type program. Malware of this kind is designed to encrypt files and demand payment for the decryption. On our test machine, CyberVolk BlackEye encrypted files and added a ".CyberVolk_BlackEye" (or simply ".CyberVolk") to their names. To elaborate, a file initial
Our team has examined the page (clearsee[.]top) and discovered that it uses a malicious tool to steal cryptocurrency. It is disguised as a crypto exchange to lure users into taking harmful actions. Thus, users should be careful when encountering such pages and avoid interacting with them. IM
EDDIESTEALER is a malicious program classed as a stealer. It is written in the Rust programming language. Stealers are designed to extract and exfiltrate vulnerable information from infected devices. EDDIESTEALER targets log-in credentials, cryptocurrency wallets, and other sensitive data.