After reading this "Have You Heard Of Hermit" email, we determined that it promotes a sextortion scam. It claims that the recipient's devices were infected with malware, which was used to collect private data and record a sexually explicit video of the user. The spam message threatens to leak the
Our research team found the oroectua.co[.]in rogue page while browsing dubious websites. After inspecting this webpage, we determined that it promotes browser notification spam and generates redirects to different (likely unreliable/hazardous) sites. Most visitors access oroectua.co[.]in and simil
Our researchers discovered this fraudulent "Humanity Protocol" page during a routine investigative session. This scam impersonates the official website of Humanity Protocol (humanity.org). The fake site aims to deceive users into exposing their digital wallets to a crypto drainer. IMPORTANT
"1 Year Free Premium NordVPN" is a ClickFix scam. It is presented as a cybersecurity questionnaire, upon completion of which users are promised a free NordVPN subscription for a year. It must be emphasized that this scam is not associated with the real NordVPN service. The goal of a ClickFix scam
While investigating questionable websites, our researchers found this fraudulent "GMGN" site. This scam page impersonates GMGN.AI but bears no association with the real platform. The goal of the fake webpage is to deceive users into connecting their cryptowallet to a cryptocurrency drainer.
We have inspected the site (whaleai[.]sbs) and found that it is a scam. The page offers users the opportunity to earn crypto using the WhaleAI Blockchain Tool. Its purpose is to lure users into taking actions that allow fraudsters to steal their cryptocurrency holdings. Users should avoid visiting
Our researchers discovered this fake "Fix Web3 Issues" site during a routine inspection of suspicious websites. This webpage promises to fix a variety of issues linked to cryptocurrency wallets. This is a phishing site that aims to trick users into disclosing their wallet log-in credentials.
NimDoor is a type of malware that targets macOS systems, especially in Web3 and crypto organizations. It uses advanced techniques like encrypted settings, asynchronous execution, and a distinctive way to stay hidden and persistent. It is notable for using Nim programming language components, mak
While investigating suspicious sites, our researchers discovered this fake "THENA" webpage (thenaflnonce[.]org; possibly other domains). The goal of this scam page is to deceive users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this fraudulent webpag
We have examined ofliker.co[.]in and found that its purpose is to obtain permission to show notifications. This site uses clickbait to trick users into agreeing to receive its notifications. If permitted, ofliker.co[.]in can deliver fake warnings and other misleading notifications that can expose