StreamSpy is a newly identified Trojan used by the Patchwork (APT-Q-36) threat group. It communicates with its command server using both WebSocket and HTTP, utilizing WebSocket for receiving instructions and sending results, and HTTP for tasks such as file transfers. StreamSpy has similarities wit
This "Railgun Rewards" scam masquerades as the RAILGUN protocol. It states that users have unclaimed rewards worth over one thousand US dollars. The scam is not associated with RAILGUN. The goal is to deceive victims into exposing their digital wallets to a cryptocurrency drainer. IMPORTANT
After reviewing this "Email Address Will Be Deactivated As A Security Measure" message, we determined that it is spam. It claims that the recipient's email address will be deactivated, and to avoid service disruptions – the records must be updated. The goal is to trick users into exposing their em
Our researchers discovered this fake "Griffain" site during a routine investigation. It impersonates the Griffain platform and operates as a cryptocurrency drainer. Essentially, victims' digital assets are transferred to scammer-owned wallets. IMPORTANT NOTE: We do not review crypto projects
While browsing dubious websites, our research team discovered the fake "EtherLens Rewards" page. It operates as a cryptocurrency drainer and lures victims into exposing their digital wallets by promising Ethereum (ETH) cryptocurrency rewards. IMPORTANT NOTE: We do not review crypto projects,
Our review of the email has shown that it is a sextortion scam. The scammers behind it claim that they have accessed the recipient's devices and threaten to release explicit videos unless a ransom is paid. All claims in this scam email are not true. Whoever receives this email should ignore it.
Our team has discovered a fake Photon website (speedtrade[.]icu) designed to steal cryptocurrency from unsuspecting individuals. Scammers can steal crypto by tricking users into connecting their wallets. If this website is visited, it should be closed and never opened again. Falling for this scam
Our review of the "Urgent Action Required" email revealed that it is spam. It urges the recipient to upgrade their mailbox to retrieve pending messages. The purpose of this phishing campaign is to deceive users into revealing their email account log-in credentials. The spam email with the
After examining this "Mailbox Storage Limit Exceeded" email, we determined that it is spam. This message alerts the recipient that their email account storage limit has been reached. The goal of this fake email is to trick victims into disclosing their account log-in credentials to a phishing webs
We have inspected the website (claim-tectum[.]org) and found that it is a fraudulent copy of the original Tectum site, tectum.io. The fraudulent page copies the original's appearance to trick users into wallet access. Falling for this scam can result in significant monetary loss. Thus, this websit