GodRAT is a remote access Trojan (RAT) built on the Gh0st RAT source code. It shares similarities with AwesomePuppet, another RAT. GodRAT can be expanded with extra plugins that give attackers more capabilities. Cybercriminals use it to steal information and deploy additional payloads. God
Our analysis of inroadslab[.]com shows that the site is crafted to convince visitors to enable its notifications. Once allowed, it can send deceptive alerts that direct users to other unreliable websites. Users should avoid visiting inroadslab[.]com and close the page if they ever visit it.
Our researchers found the iasninancuka[.]com rogue webpage during a routine investigation. After examining this page, we determined that it endorses spam browser notifications and generates redirects to different (likely unreliable/malicious) websites. Most visitors to iasninancuka[.]com and simi
Matrix is ransomware (belonging to the Proton family) that our team discovered during an examination of samples uploaded to VirusTotal. Our examination shows that Matrix encrypts files and changes their filenames by replacing their names with a random string and appending the ".matrix" extension.
We have analyzed iamnotice[.]com and discovered that it is designed to persuade visitors to accept its notifications. If permitted, the site can deliver misleading alerts to trick users into opening other untrustworthy websites. Users are advised to avoid iamnotice[.]com and exit the page if encou
We have examined draceneucost[.]com and found that it uses deception to trick visitors into agreeing to get notifications from it. If this permission is granted, draceneucost[.]com can show fake messages to promote other unreliable websites. Therefore, users should not visit draceneucost[.]com and
Laermorous[.]com is a rogue webpage that promotes browser notification spam and generates redirects to different (likely suspect/dangerous) sites. The majority of visitors to such pages access them via redirects produced by websites that employ rogue advertising networks. Our researchers discovere
Kabulamma.co[.]in is a rogue webpage discovered by our researchers during a routine investigation of untrustworthy sites. Upon inspection, we learned that this page promotes browser notification spam and redirects users to other (likely dubious/dangerous) websites. Most visitors to webpages like k
During a routine inspection of dubious websites, our researchers discovered this fake "Keeta ($KTA)" airdrop. This site is disguised as the official Keeta website (keeta.com). It operates as a cryptocurrency drainer – by stealing funds from exposed cryptowallets. IMPORTANT NOTE: We do not re
Our analysis of claims-blockstreet[.]com has revealed that it is a fraudulent website impersonating the legitimate Blockstreet platform (blockstreet.xyz). Its goal is to deceive visitors into performing actions that enable scammers to steal their cryptocurrency. Thus, this site should be avoided a