Our analysis shows that FIND is ransomware from the Dharma family. We discovered it while inspecting samples submitted to VirusTotal. Once executed, FIND encrypts files and provides two ransom notes (it displays a pop-up window and creates a file named "info.txt"). Also, the ransomware renames fil
We have inspected the site (app-rocksolid[.]live) and concluded that it is a scam. It mimics the original RockSolid site (app.rocksolid.network) to lure visitors into using it and taking a specific step. The goal of this fake website is to drain cryptocurrency wallets. It should be avoided and exi
While investigating dubious sites, our research team found the pyroscouriell.co[.]in rogue webpage. After inspecting it, we learned that this page promotes browser notification spam and redirects visitors to different (likely suspicious/harmful) websites. Pyroscouriell.co[.]in and similar webpage
Our researchers discovered this fake "Keeta ($KTA) Vote Rewards" page during a routine inspection of suspect websites. It impersonates the Keeta network (keeta.com) and claims that holders of the native token (KTA) can claim a reward if they vote in a poll within the first 24 hours. With this lure
During a routine investigation, our researchers discovered this fake "Fleek" webpage (register-fleek[.]com; other domains are possible). It impersonates Fleek's official website to deceive users into exposing their cryptowallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not review c
While investigating dubious websites, our researchers discovered this fake "Dione Protocol ($DIONE) Vote Rewards" page. Our examination of this scam revealed that it operates as a cryptocurrency drainer. It must be emphasized that this fraudulent webpage is not associated with the actual Dione Pro
Coblaver.co[.]in is a rogue webpage discovered by our researchers during a routine inspection of untrustworthy sites. Upon examination, we learned that it produces browser notification spam and can redirect users elsewhere (likely unreliable/dangerous websites). Most users access coblaver.co[.]in
Our researchers found this fake "ApeX Protocol ($APEX) Vote Reward" webpage during a routine inspection. It promises rewards to APEX token holders who vote in a poll within the first 24 hours. The goal is to lure victims into exposing their digital wallets to a crypto drainer. It must be emphasize
While inspecting untrustworthy websites, our research team discovered this fake "Claim $HANA" webpage. It masquerades as the Hana Network running an airdrop. This scam is not associated with the actual Hana Network (hana.network). It aims to deceive users into exposing their cryptowallets to a cry
We have analysed the page (jitoclaims.pages[.]dev) and discovered that it is a scam website. It poses as the original Jito site (jito.network) and offers visitors rewards to trick them into taking harmful actions. The goal of this fake website is to drain cryptocurrency wallets. It should be avoid