Katz is the name of a stealer-type malware. As the classification implies, this malicious program is designed to steal vulnerable information from infected devices and installed software. Katz targets log-in credentials, cryptocurrency wallets, and other data. This stealer is promoted as MaaS (Mal
Our research team discovered this fake "Binance" airdrop during a routine investigation of suspicious websites. The deceptive page promotes a cryptocurrency drainer, which operates by draining funds from exposed digital wallets. It must be stressed that this scam is not associated with Binance Hol
Our researchers discovered this fake "loopedHYPE (LHYPE)" airdrop while investigating suspicious websites. This scam imitates the Looped Hype (LHYPE) protocol site and operates as a cryptocurrency drainer. In other words, this bogus airdrop siphons digital assets from victims' cryptowallets.
We have inspected the website (app-hyperlend[.]com) and discovered that it is a fake site presented as the original one (hyperlend.finance). Its purpose is to lure unsuspecting visitors into taking steps that can lead to cryptocurrency theft. It is important to be careful when encountering such si
DEVMAN is ransomware that encrypts files and generates a ransom note ("README.yAGRTb.txt") containing contact and payment information. It also changes the desktop wallpaper and appends the ".yAGRTb" extension to files. For example, DEVMAN renames "1.jpg" to "1.jpg.yAGRTb", "2.png" to "2.png.yAGRTb
Our analysis of this website (launchon-sol[.]com) has shown that it is a fake site designed to trick visitors into "participating" in a fake cryptocurrency presale. Scammers behind this fraudulent web page aim to steal cryptocurrency from unsuspecting individuals. Thus, it should not be trusted.
Revupdevice.co[.]in is a rogue page that we discovered while inspecting questionable websites. This webpage endorses browser notification spam and redirects visitors to different (likely untrustworthy/dangerous) sites. Pages like revupdevice.co[.]in are primarily accessed via redirects caused by w
Our researchers discovered the SatelliteDiscovery app while reviewing new file submissions to the VirusTotal site. After analyzing this piece of software, we learned that it is adware from the AdLoad malware family. SatelliteDiscovery is designed to run intrusive ad campaigns. Advertisin
Upon examining penuzzialls[.]com, we found that it uses a deceptive technique to convince visitors to agree to get its notifications. Once permission is granted, penuzzialls[.]com can push fake alerts and other misleading content to direct users to questionable websites. Thus, users should not all
We have tested the Member.app and found that it has characteristics of adware. Upon installation, it can deliver unwanted and intrusive advertisements. Additionally, our analysis shows that Member.app is part of the Pirrit family and has been flagged as malicious by multiple security vendors.