We have inspected search.getbettersearch-api.com and discovered that it is a fake search engine promoted through a browser extension (Better Search) that functions as a browser hijacker. Both fake search engines and browser hijackers should be avoided. If search.getbettersearch-api.com and (or) Be
We have examined the page (swap.fliuild[.]io) and discovered that it is a fake Fluid site designed to steal cryptocurrency. It closely mimics the original platform (fluid.io) to trick unsuspecting users into connecting their wallets. Falling for this scam can result in huge financial losses.
Our research team found Marmose.app while inspecting new submissions to the VirusTotal site. After examining this rogue application, we determined that it is advertising-supported software from the Pirrit adware family. Adware stands for advertising-supported software. Its purpose is to
JSCEAL is an information stealer targeting mainly cryptocurrency applications. Cybercriminals use malicious ads to trick victims into downloading fake apps that mimic nearly 50 popular cryptocurrency trading platforms. If JSCEAL is detected on the system, it should be eliminated as soon as possibl
Our researchers discovered this fake "$PUMP" airdrop during a routine investigative session. The page states that users can claim PUMP tokens, and with this lure – the scam aims to trick victims into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not review
We have inspected respraccipsaurs[.]com and concluded that its goal is to trick visitors into accepting its notifications. If allowed, respraccipsaurs[.]com can show misleading alerts and similar messages. These notifications contain links to potentially malicious sites. Thus, respraccipsaurs[.]co
During our inspection of malware samples uploaded to VirusTotal, we discovered BOBER, a variant of the CONTI ransomware. Once executed on the device, BOBER encrypts files and appends its extension to them. It also provides a ransom note ("R3ADM3.txt"). BOBER appends a string of random characters t
Our research team discovered the brobitte.co[.]in rogue page while investigating suspicious websites. Upon inspection, we learned that this webpage promotes browser notification spam and redirects visitors to other (likely dubious/dangerous) sites. The majority of visitors to brobitte.co[.]in and
Our researchers discovered this "Solana (SOL) Rewards" webpage during a routine investigation. This deceptive page promises "special rewards". It must be emphasized that this bogus rewards program is not associated with the real Solana platform. The purpose of this site is to trick users into expo
Our analysis shows that gojogo-messaging[.]com is used to deceive visitors into allowing notifications. Once granted permission, it can send misleading alerts and similar messages that may lead to unreliable or harmful websites. For this reason, users should avoid visiting gojogo-messaging[.]com a