Our analysis of levelupconnection.co[.]in has shown that it is a deceptive website. It uses clickbait to obtain permission to send notifications. Notifications from levelupconnection.co[.]in include fake warnings and other misleading content. Users should avoid granting permission to show notifica
SuperCard X is a mobile malware targeting Android users. It is offered to cyber criminals through a Malware-as-a-Service (MaaS) model. The attackers focus on customers of banks and credit card companies, with the goal of stealing their payment card information. Victims of SuperCard X are strongly
Our research team discovered the livecubewordopiafile[.]monster rogue page during a routine inspection of suspect websites. Upon examination, we learned that this webpage endorses dubious software and browser notification spam. It also redirects users to other (likely unreliable/hazardous) sites.
Our researchers discovered the Tasjoc Tools Quato app while inspecting dubious websites. Upon analysis, we determined that this piece of software is a PUA (Potentially Unwanted Application). It is a dropper for the Legion Loader malware. It is worth mentioning that installers like the one carrying
We have inspected the website (ipfs.interface[.]social) and found that it mimics the original/official Wrapped Bitcoin (WBTC) website. The fake site offers individuals to claim WBTC rewards as a lure. Its purpose is to trick unsuspecting users into taking actions that can lead to significant finan
Our analysis of the site (allocate-strawberry[.]com) revealed it to be a fraudulent page posing as the legitimate Strawberry (usestrawberry.ai) platform. We also discovered that the site is designed to steal cryptocurrency from victims. It is strongly advisable to avoid visiting such sites and int
We have inspected the email and concluded that it is a scam. It is disguised as a letter from the HSBC bank regarding compensation for fraud victims. Scam emails like this one are usually employed to trick recipients into transferring money and (or) sending personal information to scammers. Recipi
Rans0m Resp0nse (R|R) is ransomware developed using a leaked LockBit source code. It encrypts files, appends its extension (a random string of characters, e.g., ".RSN6Lzcyg"), and creates a ransom note ("[random_string].README.txt]"). An example of how Rans0m Resp0nse (R|R) renames files: it chang
In our analysis of the site (airdrop.soonetwork[.]org), we uncovered that it is a deceptive web page masquerading as the official SOON (soo.network) platform. We also found that the purpose of the fake web page is to steal cryptocurrency from victims through a malicious tool. It is highly advisabl
We found this fake "$PEPU Staking" website (pepu-sushi[.]top; possibly other domains) while investigating suspicious sites. It claims that a staking pool has been opened and offers huge rewards. The goal of this scam is to lure users into exposing their digital wallets to a cryptocurrency drainer.