Our research team discovered this fake "Giggle Fund ($GIGGLE) Vote Rewards" while investigating suspicious websites. This fraudulent page imitates the official site of the GIGGLE token (giggletoken.com) and promises rewards to early voters who hold the namesake token. The purpose of this scam is t
Our researchers discovered BeFirst ransomware during a routine inspection of new file submissions to the VirusTotal site. This malicious program is part of the MedusaLocker ransomware family. BeFirst operates by encrypting data in order to demand a ransom for the decryption. After we executed a s
While investigating suspect sites, our researchers discovered the "Hyperliquid ($HYPE) Vote Rewards" scam. This page impersonates the official Hyper Foundation website (hyperfoundation.org) and promises rewards to early voters. The goal is to deceive users into exposing their digital wallets to a
This "ChainOpera AI ($COAI)" airdrop is fake. Our researchers discovered this scam during a routine inspection of suspicious websites. It is presented as the official website of ChainOpera AI (chainopera.ai) and lures users into exposing their cryptowallets to a cryptocurrency drainer. It must be
Our examination of the page (event-onyxs[.]org) has revealed that it is a fake site posing as the original Onyx website (onyx.org). The scammers behind the fraudulent page aim to trick visitors into believing that they can claim rewards, and their intention is to steal cryptocurrency. IMPORT
We have inspected the website (jayacitakreasindo[.]com) and concluded that it is a scam. It mimics the original DappRadar page (dappradar.com) to appear trustworthy. The purpose of this site is to trick visitors into connecting their wallets, which allows scammers to steal cryptocurrency. IM
Our analysis shows that FIND is ransomware from the Dharma family. We discovered it while inspecting samples submitted to VirusTotal. Once executed, FIND encrypts files and provides two ransom notes (it displays a pop-up window and creates a file named "info.txt"). Also, the ransomware renames fil
We have inspected the site (app-rocksolid[.]live) and concluded that it is a scam. It mimics the original RockSolid site (app.rocksolid.network) to lure visitors into using it and taking a specific step. The goal of this fake website is to drain cryptocurrency wallets. It should be avoided and exi
While investigating dubious sites, our research team found the pyroscouriell.co[.]in rogue webpage. After inspecting it, we learned that this page promotes browser notification spam and redirects visitors to different (likely suspicious/harmful) websites. Pyroscouriell.co[.]in and similar webpage
Our researchers discovered this fake "Keeta ($KTA) Vote Rewards" page during a routine inspection of suspect websites. It impersonates the Keeta network (keeta.com) and claims that holders of the native token (KTA) can claim a reward if they vote in a poll within the first 24 hours. With this lure