We have inspected the website (listing-satoshiv.pages[.]dev) and found that it promotes a fake cryptocurrency giveaway to deceive visitors into interacting with it. Its purpose is to lure visitors into connecting their wallets. If scammers succeed, they may empty victims' wallets (steal their cryp
Our examination has revealed that this is a scam website (ledgercryptoservice[.]com) designed to promote a fake cryptocurrency wallet recovery tool. The scammers behind it aim to steal personal information and obtain access to wallets. Falling for this scam can result in financial losses. Users sh
Our team has analyzed this message and determined that it is a scam disguised as a notification from a cloud service regarding account storage. It urges recipients to click a link included in the message. Following the instructions in the email can direct users to deceptive websites. It is recomme
We have inspected the site (unlbase[.]app) and found that it mimics the original Unibase platform, unibase.com (the only difference between domain names is the domain extension). The fraudulent version offers rewards as a lure. Its purpose is to steal cryptocurrency from unsuspecting individuals.
We have discovered PCLocked while inspecting malware samples uploaded to VirusTotal and concluded that it is ransomware. Malware of this type encrypts files and provides a ransom note. PCLocked's ransom note is the "RECOVERY_ID.txt" file. Additionally, it renames encrypted files by appending the "
Our analysis shows that pdftools.store is a fake search engine promoted through various malicious extensions that operate as browser hijackers. It is worth noting that pdftools.store has a number of subdomains, including pqpbcr.pdftools.store, ipqcr.pdftools.store, dwscr.pdftools.store, intpbcr.pd
Our team analyzed solnero.co[.]in and found that it uses a clickbait tactic to trick users into allowing notifications. If permission is granted, the site sends fake alerts and similar messages that can direct users to unreliable and potentially malicious websites. Solnero.co[.]in is not trustwort
Our analysis shows that this is a phishing email disguised as an "official internal memo". It is designed to trick recipients into opening a deceptive website and entering personal information. Usually, victims of such scams experience issues such as account hijacking, identity theft, or other neg
VoidStealer is a type of malware that steals sensitive data from browsers. It uses a technique, a debugger-based method to bypass browser protection (Application-Bound Encryption) by monitoring memory while the browser is running. This allows it to capture encryption keys without needing special p
Our team has inspected saudevic[.]com and found that it uses clickbait to get permission to show notifications. If this permission is given, saudevic[.]com delivers fake alerts and similar messages. Interacting with those notifications can direct users to unreliable websites. Overall, saudevic[.]c