We have reviewed the message and concluded that it is designed to look like an official message from Wells Fargo, a legitimate bank. The email includes a link to a phishing website designed to extract personal information. Scammers behind this scam seek to gain access to personal accounts and misu
We have inspected the email and found that it is disguised as a message from PayPal. The email seems important and urgent, but it is actually a scam. The goal is to trick recipients into opening a fake website and disclosing personal information. Falling for this scam can result in account hijacki
PhantomPulse is a remote administration Trojan (RAT) developed using artificial intelligence (AI). It targets both Windows and macOS users. It is known that attacks often begin using a tool called Obsidian to gain access to devices. Usually, cybercriminals use RATs like PhantomPulse to steal infor
OmniStealer is an information stealer targeting cryptocurrency wallets, web browsers, and other applications (and accounts). It is commonly delivered using GitHub repositories. Victims of OmniStealer attacks can encounter issues such as identity theft, financial loss, account hijacking, reputation
Our analysis shows that register-tether[.]xyz is a deceptive website designed to look like the official Tether page (tether.io). It offers rewards in exchange for voting, but its real purpose is to trick visitors into following instructions that can lead to the theft of their cryptocurrency. This
KRYBIT is ransomware that our team discovered while examining malware samples uploaded to VirusTotal. Once executed, it encrypts files and appends the ".KRYBIT" extension to files. For instance, it renames "1.jpg" to "1.jpg.KRYBIT", "2.png" to "2.png.KRYBIT", and so on. KRYBIT also drops a ransom
Infiniti is an information stealer targeting macOS users. Cybercriminals were observed distributing it via ClickFix, a deceptive social engineering technique. Infiniti is designed to steal various information, including browser credentials, Keychain entries, and cryptocurrency wallet data. If de
We have inspected the website (makealiensgreatagain[.]app) and found that it is a copy of the original Make Aliens Great Again platform (makealiensgreatagain.com). The fraudulent version is designed to steal cryptocurrency from victims through a malicious tool. It should be avoided to prevent fina
Our team has determined that this is a scam involving a legitimate website (GitHub platform) and a fake application uploaded to it. The distributed application is flagged as malicious by multiple security vendors. Thus, installing it may lead to identity theft, financial loss, or other issues. Use
Net is ransomware that we uncovered while examining malware samples submitted to VirusTotal. After execution, Net makes files inaccessible by encrypting them. Also, the ransomware appends the ".net6" extension to files (the number in it may vary) and provides a ransom note ("Recovery_Instructions.