KCVY OSLOCK is a screenlocker-type ransomware. This malware is designed to "lock" the device's screen and demand payment for access recovery. Unlike other types of ransomware, screenlockers do not encrypt victims' files or utilize stealers to exfiltrate sensitive data (for double extortion purpose
Our research team found this fraudulent "NFTStrategy" airdrop while investigating suspicious websites. This fake page impersonates the NFTStrategy website (nftstrategy.fun) and lures users with a celebratory airdrop. It must be emphasized that this scam is not associated with the actual NFTStrateg
Our research team discovered this fake "Troll Coin" airdrop during a routine investigation. This scam operates as a cryptocurrency drainer – by stealing digital assets from exposed cryptowallets. It must be emphasized that this fraudulent airdrop is not associated with the real TROLL coin. I
We examined verifyanalyticspro.co[.]in and found that it is designed to trick visitors into enabling notifications through a clickbait tactic. Once allowed, the site can send fake alerts and similar messages to promote other deceptive web pages. Thus, verifyanalyticspro.co[.]in should not be trust
After inspecting this "Pending Mails Alert" email, we determined that it is spam. This message informs the recipient that emails have been withheld from their inbox. The goal is to lure recipients into entering their account log-in credentials into a phishing website. This spam email infor
While inspecting the site (app.riversnetwork[.]net), we uncovered that it promotes a fake airdrop. This page offers individuals an opportunity to participate in a giveaway to trick them into taking actions that enable scammers to steal their crypto. This site should be avoided and closed if ever e
We have tested Outer Space Tab and discovered that it is an unwanted extension designed to hijack web browsers. Browser hijackers typically promote questionable or fake search engines. Outer Space Tab promotes youaresearching.com. This extension and the promoted address can expose users to online
Our team has determined that this website (lombardfinance[.]dev) is designed to steal cryptocurrency. It mimics the original Lombard site (lombard.finance) and offers to claim $BARD tokens to trick users into taking certain steps, allowing scammers to drain their wallets. IMPORTANT NOTE: We
Our inspection has revealed that this is a scam website (vote-plasma[.]app) designed to trick visitors into connecting their wallets. The fraudulent age mimics the original Plasma platform (app.plasma.to) and offers rewards as a lure. It should be avoided to prevent possible monetary loss. I
We have inspected the email and found that it poses as a request for quotation to trick recipients into clicking the provided malicious link. The purpose of this scam email is to deploy malware. Recipients should ignore this email to avoid malware infiltration and other negative outcomes.