While investigating dubious websites, our researchers discovered this fake "HEX Airdrop". After examining this scam, we determined that it operates as a cryptocurrency drainer – by stealing funds from victims' digital wallets. It must be emphasized that this fraudulent airdrop is not associated wi
Skitnet, also known as Bossnet, is a backdoor-type malware. Malicious programs of this kind are designed to open a "backdoor" into systems, and some of them can even carry out further infections. Skitnet is a stealthy malware that can exfiltrate data, as well as introduce and leverage legitimate r
We discovered this fake "Wall Street Pepe ($WEPE)" airdrop while investigating suspicious websites. This illegitimate WEPE token airdrop operates as a cryptocurrency drainer – by siphoning digital assets from exposed cryptowallets. It must be emphasized that this scam is not associated with the ac
MaksStealer is an information-stealing malware that poses as a performance enhancement tool or cheat modification for Hypixel SkyBlock, a popular Minecraft server. Once executed, MaksStealer silently operates in the background and harvests sensitive information. Victims are strognly advised to eli
We have inspected the site shibar[.]vip and found that it is a deceptive page promoting a cryptocurrency airdrop (giveaway). The purpose of this scam is to trick users into disclosing personal information. Falling for this scam can result in financial loss. Thus, this page should be closed if ever
Our researchers discovered the berolorladentra.co[.]in rogue webpage while investigating suspicious sites. Upon inspection, we determined that this page endorses browser notification spam and redirects visitors to different (likely unreliable/harmful) websites. Most users enter berolorladentra.co[
While browsing untrustworthy websites, our research team discovered the dotfulevabled.co[.]in rogue page. It operates by promoting browser notifications spam and redirecting users to other (likely dubious/hazardous) webpages. The majority of visitors to dotfulevabled.co[.]in and similar pages acce
APEX is ransomware that we discovered while analysing malware samples submitted to VirusTotal. Our examination shows that APEX encrypts files and appends its extension (".Apex") to them. For instance, it renames "1.jpg" to "1.jpg.Apex" and "2.png" to "2.png.Apex". It also provides a ransom note ("
PANDA is a ransomware-type program discovered by our researchers during a routine inspection of new submissions to the VirusTotal platform. This malicious program is designed to encrypt files and demand ransoms for the decryption. After we executed a sample of PANDA on our test machine, it encryp
Our analysis indicates that controllednetworkpc[.]com is a deceptive website that uses clickbait to trick users into consenting to receive its notifications. After gaining permission, the page delivers misleading notifications intended to lure users into visiting suspicious or potentially dangerou