Our researchers discovered connectchainnet[.]com while browsing suspect websites. This rogue page endorses spam browser notifications and generates redirects to different (likely unreliable/hazardous) sites. The majority of users access connectchainnet[.]com and analogous pages via redirects prod
DRAT is a remote access trojan (RAT) delivered via social engineering and malicious scripts. It allows cybercriminals to execute commands, manipulate files, and maintain persistence on infected devices. Recently, a newer and more advanced version called DRAT V2 has been developed, featuring improv
We have examined the email and found that it is a fake notification claiming to be from the email provider. This fraudulent message also contains a link to a phishing website. Scammers behind this scam email aim to trick recipients into entering personal details on a fake web page. Recipients shou
After examining this "Access To Secure Document" email, we determined that it is spam. This phishing message deceives recipients into revealing their email account log-in credentials (passwords) by enticing them with a purchase-themed lure. The spam email with the subject "IMPORTANT: [reci
While investigating suspicious sites, our researchers discovered a fake "Qubetics" webpage (qubetics-ia.web[.]app; other domains are possible). The purpose of this scam is to deceive users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this fraudulent p
Our analysis of ommulargang[.]com shows that it is a deceptive website designed to trick users into allowing notifications. Once permission is granted, it can send fake alerts and other misleading messages. For this reason, users should avoid the site and never consent to receive notifications fro
Sinobi is ransomware that encrypts files to prevent victims from accessing them. Also, it changes the desktop wallpaper, creates a ransom note ("README.txt"), and appends its extension (".SINOBI") to files. An example of how files encrypted by Sinobi are renamed: "1.jpg" is changed to "1.jpg.SINOB
Our researchers discovered this "Hyperliquid Fee Refund" scam that promotes a cryptocurrency drainer. This deceptive webpage masquerades as the official website of the Hyper Foundation (hyperfoundation.org) and aims to drain funds from exposed cryptowallets. It must be emphasized that this scam is
Our research team discovered the maxadsrank[.]top rogue webpage while browsing untrustworthy websites. After inspecting this page, we learned that it endorses browser notification spam and produces redirects to other (likely dubious/harmful) sites. Maxadsrank[.]top and analogous webpages are most
Maticiess[.]com is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. Upon examination, we determined that this page promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) websites. Most users access maticiess[.]