During a routine investigation, our research team discovered this fake "PancakeSwap" page. It is not associated with the real PancakeSwap exchange (pancakeswap.finance). The purpose of this imitator is to trick users into exposing their cryptowallets to a cryptocurrency drainer – a mechanism that
ZynorRAT is a cross-platform malware compatible with Windows and Linux Operating Systems (OSes). It is written in the Go programming language. ZynorRAT is classed as a RAT (Remote Access Trojan); it is designed to enable remote access/control over devices. There are multiple variants of this mali
kkRAT is a piece of malicious software categorized as a Remote Access Trojan (RAT). This malware establishes remote access and control over compromised machines. It similarities with other RATs – Big Bad Wolf and Ghost. As of the time of writing, kkRAT is used in an ongoing campaign that began in
Our researchers discovered this fake "Popcat" airdrop during a routine investigation. By attempting to participate in this bogus airdrop, users are lured into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this scam is not associated with the official Popcat
Our researchers discovered the "SYSTEM SECURITY ALERT" scam during a routine investigation of suspicious websites. It claims that users' operating systems have experienced failure, and the antivirus must be updated to restore standard functionality. Typically, scams of this kind aim to deceive vic
After reviewing this "Mailbox Error Detected" email, we determined that it is spam. The message claims that to restore their ability to send and receive emails, the user must eliminate the error in their inbox. This email is not associated with any legitimate entities, and its goal is to trick rec
While browsing untrustworthy sites, we discovered this fake "Matchain ($MAT)" airdrop. This webpage claims to be distributing MAT – the native token of Matchain (matchain.io). The goal is to deceive users into exposing their cryptowallets to a cryptocurrency drainer. It must be stressed that this
While investigating deceptive websites, we discovered the Giant ad blocker. It is promoted as an advertisement-blocking tool that can eliminate intrusive banners, autoplay videos, and pop-ups – according to its promotional material. Upon inspection, we determined that this browser extension operat
Our examination of the "Nedbank - New Debit Order Notification" email revealed that it is fake. This spam message informs the recipient of a new monthly debit order made to the recipient's Nedbank account. It must be emphasized that the information in this email is false, and this mail is not ass
Lamia Loader is a ransomware-type program. This piece of malicious software is designed to encrypt the victim's files and demand payment for their decryption. After we executed a sample of this malware on our test machine, it encrypted files and added a ".enc.LamiaLoader" extension to their names