We have determined that it is a scam targeting cryptocurrency users. Our discovery of this scam occurred after we received a scam email. The goal is to trick unsuspecting individuals into taking actions that allow scammers to commit cryptocurrency theft. The associated website (and the promoting e
During our inspection, we discovered that browse-safely.com is not a reliable search engine. It is also promoted through a browser hijacker, an extension called Multi Search. Browse-safely.com can be used to promote untrustworthy websites and cause privacy issues. Users should not use browse-safel
During our analysis of searchsafelypro.net, we determined that it is a fake search engine. It is distributed through Get Weather Today, a browser extension that acts as a browser hijacker. Fake search engines and hijackers pose privacy risks, so searchsafelypro.net and Get Weather Today should be
While analyzing search.safelysearch.net, we found that it is a fake search engine. Moreover, it is promoted through Easy Video Finder, an extension that functions as a browser hijacker. Using fake search engines and browser hijackers can cause privacy issues. Thus, search.safelysearch.net and Easy
We have reviewed the website (oooo-update[.]com) and concluded that it is a fraudulent copy of the original oooo site (oooo.money). The fake page offers visitors the opportunity to participate in a cryptocurrency giveaway. However, following the steps provided on the site can lead to cryptocurrenc
Our analysis has revealed that search.myprivate-search.com is a fake search engine promoted via a browser hijacker (an unwanted extension) called Rapid Image Search. The browser extension forces users to visit search.myprivate-search.com by modifying the browser's settings. If such changes are not
Cyberware is ransomware that we discovered while examining malware samples submitted to VirusTotal. Our analysis has revealed that Cyberware encrypts files and appends the ".CYBER" extension to them. Additionally, the ransomware changes the desktop wallpaper and generates a ransom note ("CyberEven
We have examined the website (lihgter-dex[.]xyz) and found that it mimics the Lighter site, app.lighter.xyz. Fraudsters behind the fake page aim to trick visitors into taking steps that can lead to cryptocurrency theft. It is highly advisable to ensure that a website is is trustworthy before takin
We have reviewed the email and concluded that it is a phishing attempt disguised as a "password expiry reminder". It is designed to appear legitimate and trick recipients into opening a fake website where they are asked to disclose personal information. Victims of this scam can encounter issues su
While examining the website (app-pippin[.]trade), we found that it is made to appear as the original Pippin platform (pippin.love). The fake site has a very similar design to trick visitors into believing that they are on the real page. The scammers behind the deceptive site aim to steal cryptocur