Our researchers discovered the AntiHacker malicious program while reviewing new submissions to the VirusTotal website. This program belongs to the Xorist ransomware family. This malware – ransomware – is designed to encrypt data and demand payment for the decryption. On our test machine, AntiHack
Our analysis reveals that this fraudulent website (amlchecker-bot[.]com) advertises a fake cryptocurrency airdrop. The scammers behind it intend to steal cryptocurrency from victims. Users should exercise caution with sites promising free crypto or rewards to prevent financial loss and other negat
Our examination shows that it is a fraudulent web page promoting a fake cryptocurrency airdrop (giveaway). The scammers who created this page aim to steal cryptocurrency from victims through a malicious tool. Users should be careful with sites offering free crypto or rewards to avoid monetary loss
While browsing suspicious sites, our research team found the moropplinsires[.]com rogue webpage. It is designed to promote browser notification spam and generate redirects to different (likely untrustworthy/dangerous) websites. The majority of visitors to moropplinsires[.]com and analogous pages
Mirrapwifle[.]com is a rogue page discovered by our research team while investigating suspect websites. It operates by endorsing browser notification spam and redirecting visitors to different (likely unreliable/hazardous) sites. Webpages like mirrapwifle[.]com are most commonly accessed through r
While investigating untrustworthy websites, our researchers found this "Amp Token Airdrop" page. Upon examination, we determined that this free airdrop is fake and works as a cryptocurrency drainer. It must be stressed that this scam is not associated with the official AMP Collateral Token website
Our research team discovered gropoq[.]info while investigating dubious websites. This rogue webpage is designed to endorse browser notification spam and redirect visitors to other (likely unreliable/hazardous) sites. Gropoq[.]info and analogous pages are most commonly accessed via redirects produc
Our analysis of manderming[.]com revealed that it is a misleading website designed to deceive users into enabling notifications. Once granted permission, the site can deliver intrusive and deceptive messages, such as false alerts or promotional offers, that may redirect users to other suspicious o
Our research team found this fake "Yala NFT Giveaway" site while browsing suspicious sites. This webpage operates as a cryptocurrency drainer – by stealing funds from exposed cryptowallets. It must be emphasized that this scam is not associated with the actual Yala DeFi protocol website (yala.org)
During our inspection of hylabick[.]com, we discovered that it is a deceptive web page created to trick visitors into agreeing to receive its notifications. Once this page obtains permission to show notifications, it can bombard users with fake messages (e.g., warnings or offers) designed to promo