During a routine inspection of dubious websites, our researchers discovered this fake "Keeta ($KTA)" airdrop. This site is disguised as the official Keeta website (keeta.com). It operates as a cryptocurrency drainer – by stealing funds from exposed cryptowallets. IMPORTANT NOTE: We do not re
Our analysis of claims-blockstreet[.]com has revealed that it is a fraudulent website impersonating the legitimate Blockstreet platform (blockstreet.xyz). Its goal is to deceive visitors into performing actions that enable scammers to steal their cryptocurrency. Thus, this site should be avoided a
"Dolomite ($DOLO) Allocation Checker" is a scam discovered by our researchers during a routine investigation. This webpage impersonates the Dolomite platform (dolomite.io) and lures victims with a potential DOLO allocation that they may receive. This scam aims to trick users into exposing their di
Our analysis shows that find.searchtheimage.com is a fake search engine promoted through a browser hijacker (an unwanted browser extension) called Image Search. Using find.searchtheimage.com and the associated hijacked can cause security and privacy risks. Thus, users should avoid using them.
We have inspected the site (claims-qubic[.]com) and concluded that it is a fake platform that imitates the original Qubic web page (qubic.org). The purpose of the deceptive site is to trick visitors into taking steps that would allow scammers to steal their crypto holdings. IMPORTANT NOTE: W
While investigating untrustworthy sites, our researchers discovered this fake "$ONDO Rewards" scam. It is presented as a page connected to Ondo, offering various rewards to eligible users. Not only is this scam not associated with Ondo, but the promised benefits are all fake. The goal of this webp
While browsing suspect sites, our researchers discovered the zavixnelo.co[.]in rogue webpage. It operates by promoting browser notification spam and redirecting visitors to other (likely unreliable/dangerous) websites. Most users enter pages like zavixnelo.co[.]in via redirects generated by sites
Our analysis of iamadsglobal[.]com has revealed that it is a misleading page designed to deceive visitors into permitting it to show notifications. If this permission is granted, iamadsglobal[.]com can deliver notifications promoting other dubious sites. It is advisable to avoid iamadsglobal[.]com
PhantomCard is a banking trojan targeting Android devices. This malware is offered as MaaS (Malware-as-a-Service) by a threat actor dubbed "Go1ano developer". PhantomCard was not developed by "Go1ano developer"; it is a custom malware based on "NFU Pay" MaaS created by a Chinese-speaking threat ac
While investigating suspicious websites, our researchers discovered this fake "Uranus" airdrop. It claims that those who are eligible can claim a reward, and by attempting to receive this boon – users unintentionally expose their cryptocurrency wallet to a drainer. Essentially, victims of this sca