QuickLens - Search Screen with Google Lens is promoted as an extension for searching a screen or any image for product details, translations, and more. However, this extension is actually considered as a malware. It contains malicious scripts designed to harvest sensitive information and launch Cl
We have examined the website (waronsoi[.]pro) and concluded that it is a fraudulent site designed to steal cryptocurrency. It promises free tokens as a lure. Victims of such scams usually permanently lose their crypto. Thus, waronsoi[.]pro should be avoided and closed if ever encountered. IM
We have checked the message and discovered that it is from scammers. This deceptive email is presented as a notification from an email service provider. It warns recipients about a supposedly detected fraudulent activity to trick them into opening a fake website. The purpose of this scam email is
GHOSTFORM is a .NET-based remote access trojan (RAT) that combines multiple attack capabilities into a single binary and executes PowerShell scripts directly in memory. It uses evasion techniques such as invisible Windows forms and delayed execution timers to help avoid detection. If detected, GHO
Oblivion RAT is a remote access Trojan that allows attackers to control Android devices remotely. It is sold as a malware-as-a-service (MaaS), with prices ranging from $300 per month to $2,200 for lifetime access. The service provides tools to create infected apps, fake update pages to trick users
Our team has analysed the email and found that it contains a fraudulent alert regarding a firmware update. The message is designed to appear as if it comes from Ledger, a legitimate cryptocurrency hardware wallet provider. The fraudsters behind this scam attempt to lure recipients to a fraudulent
We have examined the email and discovered that it is a scam. It is presented as a message (a security alert) from Ledger, a legitimate company that produces hardware wallets for cryptocurrency. The scammers behind this deceptive email aim to trick recipients into opening a fake website and enterin
Our team has inspected the message and found that it is disguised as a legitimate honeymoon-related customer service request. However, it contains a link designed to download a malicious file. Interacting with the downloaded file can result in a system infection. Thus, recipients should ignore thi
We have reviewed the message and found that it is a phishing attempt crafted to appear as a notification from an email service provider. The scammers behind this scam campaign aim to trick recipients into sharing personal information on a deceptive site. Victims of this scam may experience account
Upon inspecting the website (overview-keeta[.]pro), we concluded that it mimics the original Keeta page (keeta.com) to trick visitors into believing that they can receive rewards. The fraudulent version is designed to trick unsuspecting individuals into taking actions that can result in the theft