BrowserVenom is a piece of malicious software that operates as proxyware. It manipulates users' network traffic and gathers vulnerable information. BrowserVenom was proliferated under the guise of DeepSeek. Evidence found within the infrastructure promoting the fake app suggests that it was creat
Our researchers found this fake "Bitcoin Pepe Presale" while investigating suspicious social media posts. The scam page claims that users can buy Bitcoin Pepe (BPEP) coins at a reduced price. The goal is to deceive victims into exposing their digital wallets to a crypto drainer. IMPORTANT NO
We have analyzed the page (tradingbotcrypto[.]com) and discovered that its purpose is to trick unsuspecting visitors into executing a malicious tool designed to steal their cryptocurrency. Typically, websites like this one offer rewards or other benefits to lure users. It is important to be carefu
During our analysis of the site (wwdc25[.]com), we found that it is a scam website posing as the official Worldwide Developers Conference (WWDC) website. This fraudulent site promotes a fake cryptocurrency giveaway. Scammers behind this scheme seek to steal cryptocurrency from victims. App
Our research team found the Adicea.app adware. This rogue application belongs to the Pirrit adware family. Advertising-supported software is designed to generate revenue for its developers/publishers. Adware operates by running intrusive advertisement campaigns. Typically, this software
Our examination shows that retobeassilentasaf[.]org is a misleading web page created to trick visitors into permitting it to show notifications. If users agree to receive notifications from retobeassilentasaf[.]org, they can be exposed to scams and other online threats. Thus, this site should be a
While reviewing new malware submissions to VirusTotal, our researchers discovered the Puld ransomware. This malicious program belongs to the MedusaLocker ransomware family. Puld is designed to encrypt files and demand payment for the decryption. On our test machine, this ransomware encrypted file
We have inspected adsfreshclick[.]top and found that it uses clickbait to deceive visitors into agreeing to receive its notifications. When adsfreshclick[.]top obtains permission to show notifications, it delivers fake messages to promote other untrustworthy websites. Thus, adsfreshclick[.]top sho
Our discovery of the Backups malware occurred while examining samples uploaded to VirusTotal. Our analysis shows that Backups is ransomware designed to encrypt files and appends an email address and the ".backups" extension to files. For instance, it renames "1.jpg" to "1.jpg.[backups@airmail.cc].
During our inspection of Valenciennes.app, we found that it is adware belonging to the Pirrit family. Multiple security vendors flag this application as malicious, and it can display annoying ads to promote potentially malicious web pages. Thus, users should avoid installing the Valenciennes.app