Our team has examined claim-qubit.pages[.]dev, a site presenting itself as an official Qubit Inu airdrop page offering free "$Qubit" tokens. In reality, it is a cryptocurrency drainer scam. Visitors who connect their wallets have their digital assets transferred to the scammers. IMPORTANT NO
We have inspected claim-bitcat.pages[.]dev and found that it promotes a fake cryptocurrency airdrop. The page claims visitors can receive free "$Bitcat" tokens as part of a "live" event. In reality, it is a fraudulent scheme designed to steal digital assets from anyone who connects their wallet.
Navi RAT is a Remote Access Trojan (RAT) written in the Go programming language. Beyond remote access, it also functions as an information stealer, collecting cryptocurrency wallet data, Roblox session cookies, files, and other personal information from infected devices. Threats like this typical
Our researchers discovered growthsummitlabs[.]com while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable or dangerous) sites. Growthsummitlabs[.]com impersonates a G
Our research team found the trackturbonest[.]co.in rogue page while investigating suspicious websites. After inspecting this webpage, we learned that it uses a fake CAPTCHA to trick visitors into allowing browser notifications. Once permission is granted, trackturbonest[.]co.in delivers fake virus
We analyzed this page and found that it runs a fake Microsoft Defender alert designed to trick visitors into purchasing antivirus software through an affiliate link. The page impersonates a Windows security system - displaying a fabricated sign-in warning, a fake scan, and alarming vulnerability r
During a routine inspection, our team came across signalqueryhub.com - a fake search engine that is spread through browser hijackers and similar unwanted software. It cannot generate search results on its own and instead redirects users through intermediary sites to land on a legitimate engine. S
CastleStealer is an information stealer that targets Windows computers. It is delivered by a custom Windows loader called OXLOADER, which handles the initial infection and drops the stealer payload onto the compromised system. Elastic Security Labs researchers documented the campaign and identifi
We have inspected this email and determined that it is a phishing scam. The message poses as a routine IT department notice about mailbox storage and security maintenance. It aims to trick recipients into entering their email credentials on a fraudulent login page. This email should be ignored.
We have examined this "We Have Processed Your Payment" email and concluded that it is a phishing message. It is disguised as a payment notification from AccertaClaim ServiCorp Inc. and tries to lure recipients into signing in on a fraudulent webpage. Anyone who receives this email should ignore it