While investigating suspect pages, our researchers found oveprotocol.co[.]in. We determined that it is a rogue webpage promoting browser notifications spam and redirecting visitors to different (likely unreliable/hazardous) sites. Most users access oveprotocol.co[.]in and similar pages via redirec
Bireme.app is the name of a rogue application discovered by our researchers during a routine inspection of new file submissions to the VirusTotal website. After examining this application, we learned that it is advertising-supported software belonging to the Pirrit adware family. Adware
Quicksecuretest[.]com is a rogue page discovered by our researchers during a routine inspection of untrustworthy websites. This webpage promotes browser notification spam and redirects visitors to different (likely dubious/dangerous) sites. Most visitors to quicksecuretest[.]com and pages akin to
We reviewed unmatiotorly[.]com and discovered that it displays deceptive notifications. Although the site cannot send notifications without user consent, it tries to deceive visitors into granting permission through clickbait. Notifications from this site can lead users to potentially malicious si
While investigating suspect sites, our researchers discovered this fake "SoSoValue" airdrop. This scam masquerades as the SoSoValue platform (sosovalue.com). The deceptive page uses the promise of an airdrop to lure users into exposing their digital wallets to a cryptocurrency drainer. IMPOR
We examined ecaptewos.co[.]in and found that it can show misleading notifications. The site cannot send notifications without user permission and attempts to trick visitors into allowing them. Notifications from this site may lead to scams, unwanted apps, and other risks. It is best to avoid this
Our researchers discovered this fake "SingularityNET (AGIX) Minting" webpage while investigating deceptive sites. This scam impersonates the SingularityNET network (singularitynet.io) and aims to lure users into exposing their cryptocurrency wallets to a crypto drainer. IMPORTANT NOTE: We do
We have inspected comsishago[.]com and found that it can deliver deceptive notifications. However, this page cannot send notifications without permission and uses clickbait to obtain it from visitors. Notifications from comsishago[.]com can expose users to scams, unwanted apps, and other threats.
Myth is an information stealer written in Rust programming language. The stealer is designed to target browsers built on both Gecko and Chromium engines, stealing sensitive data such as passwords, cookies, and autofill details. It also employs anti-analysis measures, including string obfuscation a
Our analysis has shown that this is a deceptive page mimicking the official XRP Ledger site (xrpl.org). It is designed to lure users into connecting their wallets to "claim XRP" (to receive a reward). The scammers behind this site aim to steal cryptocurrency from unsuspecting individuals. IM