Our inspection of the "Shared-File Attachments" email revealed it to be spam. This message claims that the recipient has been sent remittance advice in a password-protected file. This spam mail aims to trick recipients into disclosing their email account log-in credentials to a phishing site.
While investigating untrustworthy websites, our research team discovered this fake "Multipli ($MULTI) Registration" site. It impersonates Multipli (multipli.fi), yet the scam bears no association with this platform. The imitator webpage promotes a cryptocurrency drainer that steals digital assets
After examining this "Quote For Delivery Price And Time" email, we learned that it is spam. This is a phishing email that targets recipients' account log-in credentials (passwords) through an RfQ (Request for Quotation) themed lure. The spam email with the subject "Request for Quotation: U
Gunra is the name of a ransomware-type program. This piece of malicious software operates by encrypting data and demanding ransoms for the decryption. On our test machine, Gunra encrypted files and appended their names with a ".ENCRT" extension. For example, an original filename such as "1.jpg" a
Our analysis of levelupconnection.co[.]in has shown that it is a deceptive website. It uses clickbait to obtain permission to send notifications. Notifications from levelupconnection.co[.]in include fake warnings and other misleading content. Users should avoid granting permission to show notifica
SuperCard X is a mobile malware targeting Android users. It is offered to cyber criminals through a Malware-as-a-Service (MaaS) model. The attackers focus on customers of banks and credit card companies, with the goal of stealing their payment card information. Victims of SuperCard X are strongly
Our research team discovered the livecubewordopiafile[.]monster rogue page during a routine inspection of suspect websites. Upon examination, we learned that this webpage endorses dubious software and browser notification spam. It also redirects users to other (likely unreliable/hazardous) sites.
Our researchers discovered the Tasjoc Tools Quato app while inspecting dubious websites. Upon analysis, we determined that this piece of software is a PUA (Potentially Unwanted Application). It is a dropper for the Legion Loader malware. It is worth mentioning that installers like the one carrying
We have inspected the website (ipfs.interface[.]social) and found that it mimics the original/official Wrapped Bitcoin (WBTC) website. The fake site offers individuals to claim WBTC rewards as a lure. Its purpose is to trick unsuspecting users into taking actions that can lead to significant finan
Our analysis of the site (allocate-strawberry[.]com) revealed it to be a fraudulent page posing as the legitimate Strawberry (usestrawberry.ai) platform. We also discovered that the site is designed to steal cryptocurrency from victims. It is strongly advisable to avoid visiting such sites and int