Vornixuma[.]com is a rogue page discovered by our researchers during a routine investigation of suspicious websites. After examining this webpage, we learned that it promotes browser notification spam and generates redirects to different (likely unreliable and/or dangerous) sites. Most visitors t
During our inspection of selexciest[.]com, we discovered that it is a misleading website designed to trick visitors into letting it show notifications. After users have granted this permission, selexciest[.]com can bombard them with fake warnings and other deceptive notifications. Thus, selexciest
Our researchers discovered connectchainnet[.]com while browsing suspect websites. This rogue page endorses spam browser notifications and generates redirects to different (likely unreliable/hazardous) sites. The majority of users access connectchainnet[.]com and analogous pages via redirects prod
DRAT is a remote access trojan (RAT) delivered via social engineering and malicious scripts. It allows cybercriminals to execute commands, manipulate files, and maintain persistence on infected devices. Recently, a newer and more advanced version called DRAT V2 has been developed, featuring improv
We have examined the email and found that it is a fake notification claiming to be from the email provider. This fraudulent message also contains a link to a phishing website. Scammers behind this scam email aim to trick recipients into entering personal details on a fake web page. Recipients shou
After examining this "Access To Secure Document" email, we determined that it is spam. This phishing message deceives recipients into revealing their email account log-in credentials (passwords) by enticing them with a purchase-themed lure. The spam email with the subject "IMPORTANT: [reci
While investigating suspicious sites, our researchers discovered a fake "Qubetics" webpage (qubetics-ia.web[.]app; other domains are possible). The purpose of this scam is to deceive users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this fraudulent p
Our analysis of ommulargang[.]com shows that it is a deceptive website designed to trick users into allowing notifications. Once permission is granted, it can send fake alerts and other misleading messages. For this reason, users should avoid the site and never consent to receive notifications fro
Sinobi is ransomware that encrypts files to prevent victims from accessing them. Also, it changes the desktop wallpaper, creates a ransom note ("README.txt"), and appends its extension (".SINOBI") to files. An example of how files encrypted by Sinobi are renamed: "1.jpg" is changed to "1.jpg.SINOB
Our researchers discovered this "Hyperliquid Fee Refund" scam that promotes a cryptocurrency drainer. This deceptive webpage masquerades as the official website of the Hyper Foundation (hyperfoundation.org) and aims to drain funds from exposed cryptowallets. It must be emphasized that this scam is