Our researchers discovered this fake "Phantom" airdrop while investigating deceptive sites. This scam imitates the official website of the Phantom cryptocurrency wallet (phantom.com). It operates as a crypto drainer – by stealing funds from exposed digital wallets. IMPORTANT NOTE: We do not
While examining untrustworthy sites, our research team discovered the uriligly[.]com rogue webpage. It is designed to promote spam browser notifications and redirect users to other (likely unreliable/hazardous) websites. Most visitors to uriligly[.]com and analogous pages access them through redir
Our analysis of the site (sol-incinerator[.]tax) has revealed that it is a fraudulent copy of the Sol Incinerator website, sol-incinerator.com. The fake site offers visitors the chance to earn rewards as a lure. It is created to trick visitors into interacting with it, which can result in cryptocu
Spanchainworld[.]com is a rogue webpage discovered by our research team during a routine inspection of suspicious sites. Upon examination, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/hazardous) websites. Most visitors to spanchainworld[
Our team has examined the website (rugai[.]site) and determined that it is a scam page. It poses as a legitimate crypto platform to deceive visitors into interacting with it. The scammers behind it seek to steal cryptocurrency from unsuspecting individuals. Overall, this fraudulent site should be
Our researchers discovered Benzona ransomware while inspecting new file submissions to the VirusTotal website. Malware of this kind encrypts data and demands a ransom for its decryption. On our test machine, Benzona encrypted files and appended a ".benzona" extension to their names. For example,
We have reviewed news-gojaxa[.]cc and determined that it is a deceptive website. The site uses clickbait to trick visitors into consenting to receive notifications from it. If permitted, news-gojaxa[.]cc can show misleading notifications to promote other potentially malicious web pages. Thus, it i
We have determined that news-goyafa[.]cc is intended to trick users into enabling its notifications. If permission is granted, it can deliver misleading messages, like fake alerts, to advertise suspicious websites. For this reason, the site and similar pages should be avoided, and any notification
ShinySp1d3r is ransomware that, once active, encrypts files on a device. It also appends random extensions to filenames (e.g., ".XHuch5gq" and ".GcfVmSz3"), changes the desktop wallpaper, and drops a ransom note ("R3ADME_[random_string].txt"). An example of how ShinySp1d3r renames files: It change
Our research team discovered spanchainio[.]com while investigating untrustworthy sites. After examining this rogue page, we determined that it promotes spam browser notifications and produces redirects to different (likely unreliable/harmful) websites. Most visitors to spanchainio[.]com and simil