We have analyzed the page (tradingbotcrypto[.]com) and discovered that its purpose is to trick unsuspecting visitors into executing a malicious tool designed to steal their cryptocurrency. Typically, websites like this one offer rewards or other benefits to lure users. It is important to be carefu
During our analysis of the site (wwdc25[.]com), we found that it is a scam website posing as the official Worldwide Developers Conference (WWDC) website. This fraudulent site promotes a fake cryptocurrency giveaway. Scammers behind this scheme seek to steal cryptocurrency from victims. App
Our research team found the Adicea.app adware. This rogue application belongs to the Pirrit adware family. Advertising-supported software is designed to generate revenue for its developers/publishers. Adware operates by running intrusive advertisement campaigns. Typically, this software
Our examination shows that retobeassilentasaf[.]org is a misleading web page created to trick visitors into permitting it to show notifications. If users agree to receive notifications from retobeassilentasaf[.]org, they can be exposed to scams and other online threats. Thus, this site should be a
While reviewing new malware submissions to VirusTotal, our researchers discovered the Puld ransomware. This malicious program belongs to the MedusaLocker ransomware family. Puld is designed to encrypt files and demand payment for the decryption. On our test machine, this ransomware encrypted file
We have inspected adsfreshclick[.]top and found that it uses clickbait to deceive visitors into agreeing to receive its notifications. When adsfreshclick[.]top obtains permission to show notifications, it delivers fake messages to promote other untrustworthy websites. Thus, adsfreshclick[.]top sho
Our discovery of the Backups malware occurred while examining samples uploaded to VirusTotal. Our analysis shows that Backups is ransomware designed to encrypt files and appends an email address and the ".backups" extension to files. For instance, it renames "1.jpg" to "1.jpg.[backups@airmail.cc].
During our inspection of Valenciennes.app, we found that it is adware belonging to the Pirrit family. Multiple security vendors flag this application as malicious, and it can display annoying ads to promote potentially malicious web pages. Thus, users should avoid installing the Valenciennes.app
We analyzed FatHomage.app and found that it displays unwanted ads, which is why we classify it as adware. Besides showing ads, it may also collect various information. Additionally, multiple security vendors flag it as malicious, and it is associated with the Pirrit adware family. Thus, users sh
While investigating dubious sites, our research team discovered this fake "Ethereum (ETH) Rewards" webpage (ethrewards[.]pro; other domains are possible). This deceptive page supposedly allows users to get any unclaimed Ethereum rewards that they may have. The scam aims to deceive victims into exp