Our team has examined the page (clearsee[.]top) and discovered that it uses a malicious tool to steal cryptocurrency. It is disguised as a crypto exchange to lure users into taking harmful actions. Thus, users should be careful when encountering such pages and avoid interacting with them. IM
EDDIESTEALER is a malicious program classed as a stealer. It is written in the Rust programming language. Stealers are designed to extract and exfiltrate vulnerable information from infected devices. EDDIESTEALER targets log-in credentials, cryptocurrency wallets, and other sensitive data.
Our analysis of the website (binaryxe[.]org) indicates that it is a fraudulent site created to deceive visitors into thinking they are on the legitimate (formerly BinaryX) platform, Four site. Its purpose is to steal cryptocurrency from unsuspecting individuals through a malicious tool. Thus, user
Chaos RAT is a remote access tool built using the Go programming language. It works on both Windows and Linux systems. Chaos RAT includes a control panel that lets attackers create malware payloads, manage active connections, and remotely control infected devices. If detected on a device, the RAT
Our inspection of the "Take Immediate Action" email revealed that it is spam. This message urges the recipient to verify their email to remove the restrictions placed in response to suspicious activity detected on the account. This spam mail aims to trick recipients into disclosing their log-in cr
Ololo is ransomware that we discovered while analyzing malware samples uploaded to VirusTotal. It is part of the MedusaLocker family and is designed to encrypt files. Also, Ololo appends the ".ololo" extension to files (e.g., renames "1.jpg" to "1.jpg.ololo" and "2.png" to "2.png.ololo") and drops
We have reviewed smartadsflow[.]top and concluded that it is a deceptive website designed to trick visitors into consenting to get its notification. The method this page uses to obtain this permission is known as clickbait. Usually, notifications from websites like smartadsflow[.]top contain misle
We have analyzed the email and found that it is a fraudulent email disguised as a notification from Intelcom (a legitimate Canadian courier and package delivery company). The scammers behind it seek to extract personal information through a deceptive website included in the email. These types of e
Our research team found the bicarnsh.co[.]in rogue page while investigating dubious websites. It operates by promoting browser notification spam and redirecting visitors to other (likely unreliable/dangerous) websites. Most visitors enter bicarnsh.co[.]in and similar webpages via redirects generat
After inspecting this "DHL - Shipping Container Document Invoice" email, we determined that it is fake. It is presented as a notification from DHL informing the recipient about shipping documents sent to them. The attachment is a phishing file that targets email account log-in credentials (passwor