While investigating dubious sites, our research team discovered this fake "Ethereum (ETH) Rewards" webpage (ethrewards[.]pro; other domains are possible). This deceptive page supposedly allows users to get any unclaimed Ethereum rewards that they may have. The scam aims to deceive victims into exp
Polyhedrical.app is a rogue application discovered by our researchers while browsing new submissions to the VirusTotal site. Upon inspection, we learned that this piece of software is adware from the Pirrit family. Advertising-supported software is designed to generate revenue for its developers
Our researchers discovered this fake "Claim Sign" page (claim.signcommunity[.]link; possibly other domains) during a routine investigation. This webpage masquerades as the Sign Protocol website (sign.global). It lures victims into exposing their digital wallets to a cryptocurrency drainer by imply
While investigating suspicious websites, our researchers discovered this fake "WalletConnect Token (WCT) Airdrop". The scam offers an unbelievable discount for WalletConnect Tokens (WCT), yet after victims make the purchase – they receive nothing. It must be emphasized that this scam is in no way
We have examined Gastaldo.app and discovered that it displays unwanted advertisements. Thus, we classified Gastaldo.app as adware. In addition to delivering ads, Gastaldo.app may gather user data and other information. Another reason to avoid the app is that it is flagged as malicious by multipl
While examining suspicious pages, our researchers discovered stashalinamme[.]com. This rogue site endorses spam browser notifications and redirects users to different (likely unreliable/harmful) webpages. The majority of visitors to stashalinamme[.]com and analogous pages access them via redirects
Our research team discovered copyroticirung.co[.]in while browsing dubious websites. This is a rogue page promoting browser notification spam and redirecting visitors to other (likely unreliable/dangerous) sites. Copyroticirung.co[.]in and webpages akin to it are primarily accessed via redirects c
While testing searcherbright.com, we found that it is a fake search engine. Using fake search engines can expose users to various online threats. It is also common for them to be promoted through unwanted extensions known as browser hijackers. If searcherbright.com is encountered, it should be rem
We have reviewed the site (hedera-airdrop[.]org) and concluded that it is designed to trick users into participating in a fake giveaway (cryptocurrency airdrop). This scam web page is created to steal cryptocurrency from victims. Users should be careful when landing on sites hosting giveaways and
ZV is ransomware belonging to the Dharma family. Our team has discovered it while inspecting samples submitted to VirusTotal. Once executed, ZV encrypts files and appends the victim's ID, an email address, and the ".ZV" extension to them. For example, it changes "1.jpg" to "1.jpg.id-9ECFA84E.[zele