Our researchers discovered this fake "Claim Sign" page (claim.signcommunity[.]link; possibly other domains) during a routine investigation. This webpage masquerades as the Sign Protocol website (sign.global). It lures victims into exposing their digital wallets to a cryptocurrency drainer by imply
While investigating suspicious websites, our researchers discovered this fake "WalletConnect Token (WCT) Airdrop". The scam offers an unbelievable discount for WalletConnect Tokens (WCT), yet after victims make the purchase – they receive nothing. It must be emphasized that this scam is in no way
We have examined Gastaldo.app and discovered that it displays unwanted advertisements. Thus, we classified Gastaldo.app as adware. In addition to delivering ads, Gastaldo.app may gather user data and other information. Another reason to avoid the app is that it is flagged as malicious by multipl
While examining suspicious pages, our researchers discovered stashalinamme[.]com. This rogue site endorses spam browser notifications and redirects users to different (likely unreliable/harmful) webpages. The majority of visitors to stashalinamme[.]com and analogous pages access them via redirects
Our research team discovered copyroticirung.co[.]in while browsing dubious websites. This is a rogue page promoting browser notification spam and redirecting visitors to other (likely unreliable/dangerous) sites. Copyroticirung.co[.]in and webpages akin to it are primarily accessed via redirects c
While testing searcherbright.com, we found that it is a fake search engine. Using fake search engines can expose users to various online threats. It is also common for them to be promoted through unwanted extensions known as browser hijackers. If searcherbright.com is encountered, it should be rem
We have reviewed the site (hedera-airdrop[.]org) and concluded that it is designed to trick users into participating in a fake giveaway (cryptocurrency airdrop). This scam web page is created to steal cryptocurrency from victims. Users should be careful when landing on sites hosting giveaways and
ZV is ransomware belonging to the Dharma family. Our team has discovered it while inspecting samples submitted to VirusTotal. Once executed, ZV encrypts files and appends the victim's ID, an email address, and the ".ZV" extension to them. For example, it changes "1.jpg" to "1.jpg.id-9ECFA84E.[zele
Our analysis of dofirewall.co[.]in indicates that the site is crafted to present misleading content in an attempt to persuade visitors to allow it to send notifications. Once this consent is given, it can push deceptive messages to manipulate users into engaging with them. These notifications can
Our researchers discovered this rushuplab.co[.]in rogue page while inspecting suspicious websites. It endorses browser notification spam and produces redirects to different (likely unreliable/dangerous) sites. Rushuplab.co[.]in and similar webpages are most commonly accessed via redirects caused b