Arrectines[.]com is a rogue webpage discovered by our researchers during a routine inspection of untrustworthy sites. Upon examination, we learned that it promotes browser notification spam and produces redirects to different (likely unreliable/hazardous) websites. The majority of visitors to arr
While inspecting dubious websites, our research team found this fake "Utility Coin ($UTILITY) Vote Rewards" page. It claims that voters in a poll concerning the following memecoin listing will receive a reward. The goal is to lure users into exposing their digital wallets to a cryptocurrency drain
Our inspection of this "DHL Express Parcel Misplacement" email revealed that it is fake. It claims that the recipient must confirm their address to ensure the delivery of their parcel. This spam message promotes a phishing site targeting sensitive data. It must be emphasized that this email is not
After reviewing this "ICICI Bank - Payment Advice And Swift Copy" email, we determined that it is fake. This message claims that the recipient has been sent a copy of their financial documents. The spam campaign aims to trick users into disclosing their account log-in credentials to a phishing fil
After inspecting this "Maintenance Notice" email, we determined that it is spam. This message aims to deceive recipients into providing their email account log-in credentials to a phishing website by claiming that they must take immediate action to avoid data loss. The spam email with the
Oyster (also known as Broomstick, CleanUpLoader) is a backdoor and loader type malware. It has been around since at least the summer of 2023 and has received several significant updates. Oyster is offered as MaaS (Malware-as-a-Service) and is thus available to various cyber criminals. It has been
We have examined the email and found that it poses as a winning notification from "LOTTO AMERICA". Essentially, it is a scam email designed to steal money and (or) information from unsuspecting recipients. Emails like this one should be ignored and deleted immediately. This is a fraudulent
Our team has inspected the website (utility.soldex[.]trade) and found that it imitates the original Utility Coin site (theutilitycoin.com). The fake site promotes an airdrop to lure visitors into taking actions allowing fraudsters to steal their cryptocurrency holdins. It should be avoided to prev
We have analysed chethomarie[.]com and found that it tries to deceive visitors into agreeing to get its notifications. Once permission is granted, the site can send fake alerts and other misleading messages, which may lead users to potentially malicious pages (e.g., scam websites). Thus, chethomar
NovaShadow is marketed as a stealthy remote access Trojan (RAT) that can evade antivirus detection using advanced obfuscation and polymorphic code. It uses AES‑256 encrypted communications, does not keep logs, and has spying features like live screen sharing, a keylogger, webcam access, and broad