After inspecting this "Direct Axis Financial Services" email, we determined that it is spam. This scam message offers various loans at a 5% interest rate. The likely goal of this spam campaign is to deceive recipients into disclosing private information or sending money to scammers. It must be emp
Our analysis of the email has shown that it is a deceptive message regarding a donation. Typically, scammers use fraudulent emails like this to extract money and/or trick recipients into disclosing personal information. This and similar messages should not be trusted and should be ignored.
Our researchers discovered this fake "Avalanche (AVAX)" airdrop during a routine investigation. It impersonates the official website of the Avalanche network (avax.network). When a user tries to claim the airdrop, they inadvertently expose their digital wallet by entering its passphrase into a phi
We have inspected search.getbettersearch-api.com and discovered that it is a fake search engine promoted through a browser extension (Better Search) that functions as a browser hijacker. Both fake search engines and browser hijackers should be avoided. If search.getbettersearch-api.com and (or) Be
We have examined the page (swap.fliuild[.]io) and discovered that it is a fake Fluid site designed to steal cryptocurrency. It closely mimics the original platform (fluid.io) to trick unsuspecting users into connecting their wallets. Falling for this scam can result in huge financial losses.
Our research team found Marmose.app while inspecting new submissions to the VirusTotal site. After examining this rogue application, we determined that it is advertising-supported software from the Pirrit adware family. Adware stands for advertising-supported software. Its purpose is to
JSCEAL is an information stealer targeting mainly cryptocurrency applications. Cybercriminals use malicious ads to trick victims into downloading fake apps that mimic nearly 50 popular cryptocurrency trading platforms. If JSCEAL is detected on the system, it should be eliminated as soon as possibl
Our researchers discovered this fake "$PUMP" airdrop during a routine investigative session. The page states that users can claim PUMP tokens, and with this lure – the scam aims to trick victims into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not review
We have inspected respraccipsaurs[.]com and concluded that its goal is to trick visitors into accepting its notifications. If allowed, respraccipsaurs[.]com can show misleading alerts and similar messages. These notifications contain links to potentially malicious sites. Thus, respraccipsaurs[.]co
During our inspection of malware samples uploaded to VirusTotal, we discovered BOBER, a variant of the CONTI ransomware. Once executed on the device, BOBER encrypts files and appends its extension to them. It also provides a ransom note ("R3ADM3.txt"). BOBER appends a string of random characters t