After reviewing the website (claim-goyim.pages[.]dev), we identified it as a scam. It falsely offers visitors the opportunity to join a cryptocurrency airdrop. The attackers behind this site aim to steal funds from users' crypto wallets, meaning that engaging with it could lead to serious financia
Xillen is an information stealer often distributed through other malware, such as Amadey. Once executed on the device, it gathers various information and sends it to cybercriminals. Having the system infected with Xillen can result in issues such as identity theft and financial loss. Thus, if dete
We have tested the malware and found that it is ransomware belonging to the MedusaLocker family. Once executed, Venere encrypts files and appends the ".Venere1" extension (the included number might vary). For example, it renames "1.jpg" to "1.jpg.Venere1", "2.png" to "2.png.Venere1", and so forth.
Our team has found that this is a phishing email designed to appear as a notification from the email service provider. It includes a link to a fake site created to trick visitors into disclosing personal information. Recipients should ignore this email to avoid account hijacking and further issues
Arsink is a Remote Access Trojan (RAT) targeting Android operating systems. It is a sophisticated malware that allows attackers to remotely access/control devices and exfiltrate a variety of sensitive data. Arsink is distributed worldwide through opportunistic campaigns, under the guise of various
After inspecting this "Zoho Mail Upgrade" email, we determined that it is fake. This spam message states that recipients must update their accounts to avoid deactivation. The purpose of this campaign is to lure users into disclosing their email log-in credentials to a phishing website. The
"Clawdbot ($CLAWD) scam" refers to fraudulent and deceptive content that uses the "Clawdbot" name/branding as a disguise. Clawdbot was the original name of an AI (Artificial Intelligence) software project that was later renamed "Moltbot" and then rebranded as "OpenClaw". These scams have no affili
Our researchers discovered trendstitchhub[.]com while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Most visitors to trendstitchhub[.]com and similar w
Our analysis shows that this is a scam involving fake alerts designed to trick visitors into taking immediate action. It uses scare tactics to promote other sites, which may include malicious pages. Users should close websites of this kind if they encounter them to avoid the associated risks.
Our research team discovered vironexta[.]com during a routine inspection of untrustworthy webpages. Upon examination, we determined that this rogue site endorses spam browser notifications. It can also redirect visitors to different websites, which are likely unreliable or dangerous. The majority