Winos4.0 (also known as WinosStager) is a sophisticated malware framework with backdoor, loader, and stealer capabilities. This high-risk malware has been used in multiple campaigns, which have been particularly active in Asia. Winos4.0 has been distributed through fake RustDesk websites.
After reading this "JP Morgan Chase Fund Release" email, we determined that it is spam. This message urges the recipient to claim their 850,000 USD funds or have them dissolved by the bank. The goal of this phishing email is to deceive recipients into disclosing their private information.
Our researchers discovered safety-searches.net while analyzing the Safety Search browser hijacker. This webpage is a fake search engine that cannot provide search results. The Safety Search extension is advertised as a tool for obtaining accurate search results on Reddit. Browser hijackers change
Safescopesearch.com is a fake search engine discovered by our researchers while examining the Search Shield browser hijacker. This page does not provide its own search results; instead, it redirects users to legitimate search engines. Search Shield is promoted as a tool for creating custom block
While inspecting untrustworthy sites, our research team discovered the "Child Pornography Found" technical support scam. It utilizes the graphics and names of legitimate products and entities. This page claims that the user's device has been blocked due to containing illegal pornographic content.
DeVixor is a powerful Android malware that steals financial data, monitors devices, and allows remote control. It also includes a ransomware feature that can lock devices for cryptocurrency payments and is controlled using Firebase and Telegram to manage infections and evade detection. DeVixor is
During a routine investigation, our researchers discovered this fake "Solana Seeker" webpage. It promises free SKR – Solana Mobile's native token in order to lure users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this scam is not associated with Sola
We have reviewed the email and found that it contains a fake message regarding a hotel reservation for a group. It contains a link designed to download a malicious script file. Thus, we conclude that this fraudulent email is likely used to deliver malware. Recipients should ignore this message to
Our analysis shows that it is a typical survey scam. It involves a phishing email and a fake website. The goal is to trick individuals into believing that they will receive a prize after completing certain steps. However, victims never receive any prizes and have their personal information or mone
Our team has inspected the page (vote-lista[.]com) and found that it is a scam website masquerading as the original Lista DAO site (lista.org). The fraudulent page is designed to trick visitors into completing a step that can result in the theft of their cryptocurrency holdings. Thus, it should no