Our research team discovered the appcloud-center[.]com rogue page while browsing questionable websites. Upon inspection, we learned that this webpage endorses browser notification spam and redirects users to different (likely dubious/malicious) sites. Most visitors access pages like appcloud-cent
After examining the "Outlook - Upgraded Version Now Available" email, we determined that it is spam. This message states that the recipient must upgrade their account or risk its deactivation. The purpose of this mail is to trick users into disclosing their account log-in credentials to a phishing
Upon inspection of the "Claim Your Dreamloops NFT Mystery Box" email, we determined that it is spam. This letter lures users into visiting a scam website by promising the chance to claim a mystery box containing various valuable rewards. At the time of research, this spam mail promoted the "Axie
"Axie Infinity Claim" is a scam impersonating the Axie Infinity blockchain game website. The fake page – conorandrobin[.]com (could be hosted elsewhere) – supposedly allows users to claim NFTs (Non-Fungible Tokens). Instead, users who connect their digital wallets expose them to a crypto drainer.
BLASSA is a malicious program categorized as ransomware. Malware of this kind operates by encrypting data and demanding ransoms for its decryption. After we executed a sample of BLASSA on our test machine, it encrypted files and added a ".blassa" extension to their filenames. For example, a file
Our team has inspected withbtrads[.]top and learned that this website cannot be trusted. It displays deceptive content (uses a clickbait technique) to obtain permission to show notifications. Typically, when users agree to receive notifications from such pages, they are bombarded with fake warning
CrypticSociety is ransomware designed to encrypt files. It is identical to another ransomware variant known as Blue. In addition to encrypting files, CrypticSociety renames them and provides a ransom note ("#HowToRecover.txt"). It replaces the names of encrypted files with a random string and appe
This "CARV Airdrop" is fake. We found this scam on carv-quests.pages[.]dev, but it could be hosted elsewhere. It is disguised as the CARV platform (carv.io) running an airdrop. Users lured into connecting their digital wallets to this scheme expose them to a cryptocurrency drainer. IMPORTANT
While inspecting clickbtrads[.]top, we found that this page uses clickbait to obtain permission to show notifications. Sites that use deceptive techniques to obtain this permission usually deliver misleading notifications. Therefore, it is important to avoid visiting clickbtrads[.]top and acceptin
ZipLOCK is ransomware that, unlike most malware of this type, does not encrypt files. It puts the victim's files into a password-protected ZIP file. Also, ZipLOCK creates a ransom note ("[ZipLOCK]INSTRUCTIONS.txt") and renames archived files by prepending "[ZipLOCK]" and appending ".zip". For exa