While investigating suspicious sites, our researchers discovered this fake "Origin Ether (oETH)" airdrop. The deceptive webpage imitates the Origin Protocol platform (originprotocol.com). This scam operates as a cryptocurrency drainer, i.e., by stealing funds from exposed digital wallets. IM
Our team has inspected the email and concluded that it is a deceptive notification regarding a pending internal audit document. The goal is to steal personal information from unsuspecting recipients via a fake website. Such scams are classified as phishing emails. Recipients should always ignore s
Our examination of obeionalmitive[.]com has shown that this site is designed to display deceptive content to lure visitors into agreeing to receive its notifications. Once permission is granted, obeionalmitive[.]com can deliver fake messages created to trick users into interacting with them.
Mastablegary[.]com is a rogue webpage found by our researchers during a routine inspection of untrustworthy sites. After examining this page, we determined that it promotes browser notification spam and generates redirects to other (likely dubious/malicious) websites. Users most commonly access m
SafeLocker is ransomware that we discovered during an inspection of malware samples uploaded to the VirusTotal site. Once active, SafeLocker encrypts the victim's files and appends its extension (".8xUsq62"). For example, it renames "1.jpg" to "1.jpg. 8xUsq62", "2.png" to "2.png.8xUsq62", etc. Als
After reading this "Australia Lottery" email, we determined that it is spam. This is a phishing email that claims the recipient has won 9.5 million USD in a lottery. This spam mail aims to extract private information and potentially trick recipients into sending scammers money. The spam em
We have analyzed oxaterinoseced.co[.]in and found that its purpose is to receive permission to show notifications through clickbait. Once allowed, oxaterinoseced.co[.]in can send misleading notifications. Interacting with these notifications can direct users to potentially malicious websites.
During our inspection of malware samples uploaded to VirusTotal, we discovered the 9062 ransomware, which is based on Chaos ransomware. Upon execution, 9062 encrypts files and appends the ".9062" extension to files (e.g., it renames "1.jpg" to "1.jpg.9062" and "2.png" to "2.png.9062"). Additional
Our research team discovered dopotics[.]com while examining suspicious websites. This rogue page is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/harmful) sites. Dopotics[.]com and analogous webpages are primarily accessed via redirects caused b
Bgv-adguard[.]pro is a rogue webpage discovered by our research team during a routine inspection of suspicious sites. This page is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/hazardous) websites. Webpages like bgv-adguard[.]pro are most common