While browsing dubious websites, our researchers discovered this fake "Trezor Security Update" page. It impersonates the official website of the Trezor wallet (trezor.io) and claims that users must undertake a critical update. This is a phishing scam that targets cryptocurrency wallet log-in crede
This fake "Gasspas (GASS)" page (gasspas-vip.web[.]app; possibly other domains) is an almost perfect visual copy of the official Gasspas website (gasspas.vip). This imitator webpage promotes a cryptocurrency drainer, which is designed to siphon funds from exposed digital wallets. It must be stress
We have inspected the page (walletsuppport[.]com) and discovered that it is a fake crypto analytics platform. The scammers behind it offer crypto vouchers to lure users into connecting their wallets. Their goal is to steal cryptocurrency from unsuspecting individuals. Thus, this site should be avo
Our researchers found the 707 ransomware while investigating new submissions to the VirusTotal website. Malware of this kind encrypts data and demands payment for the decryption. On our test machine, 707 encrypted files and appended their names with a ".707" extension. For example, a file origina
We have inspected davixnaro.co[.]in and found it to be deceptive. It is designed to rick visitors into accepting push notifications. Once enabled, davixnaro.co[.]in can send fake alerts and similar messages to trick users into opening other (potentially malicious) websites. Thus, davixnaro.co[.]in
CyberHazard is ransomware from the MedusaLocker family. We discovered it while examining malware samples submitted to VirusTotal. Our analysis shows that CyberHazard encrypts files and appends the ".cyberhazard" extension to them. For example, it changes "1.jpg" to "1.jpg.cyberhazard" and "2.png"
We have reviewed the site (refundyoursol[.]io) and concluded that its purpose is to steal cryptocurrency. Like most similar scams, this page offers users the chance to receive free crypto. It is important to recognize such scams and never interact with them to avoid cryptocurrency theft. IMP
Our team has analysed the website (allocations-osaka[.]com) and found that it offers users the opportunity to receive rewards to lure them into taking actions that can lead to the theft of their cryptocurrency. This scam page mimics the original Osaka Protocol site to appear legitimate. IMPO
We have analysed the website (app.ldo-steth[.]com) and discovered that it is a scam. This page mimics the original Lido platform (lido.fi) to trick visitors into connecting their wallets. Victims of this scam can have their cryptocurrency stolen. Thus, this fraudulent page should not be trusted an
Our research team discovered this fake "$ERA" airdrop while investigating suspicious sites. When users attempt to check their eligibility for the bogus airdrop, they expose their digital wallet to a cryptocurrency drainer. It must be stressed that, regardless of any similarities, this scam is not