After examining this "Ledger Recovery Phrase Verification" email, we learned that it is fake. This message falsely claims that the Ledger cryptocurrency wallet service has experienced a data breach, during which the log-in credentials of some cryptowallets might have been exposed. Hence, the reci
We have examined chautcheestub[.]com and found that it displays deceptive content and wants to show notifications. Usually, notifications from sites like chautcheestub[.]com are utilized to promote various scams and other fraudulent schemes. Thus, chautcheestub[.]com should be avoided. Cha
WezRat is malware written in C++. Cybercriminals use it to steal information and perform other malicious activities. The malware has been active for over a year, with evolving modules and infrastructure. The latest version of WezRat was observed being distributed through deceptive emails.
Our research team found the bestsecretvideos[.]online rogue page while investigating dubious websites. After inspecting this webpage, we learned that it endorses browser notification spam and redirects users to different (likely untrustworthy/hazardous) sites. Most visitors access bestsecretvideo
During our inspection of columnstoodth[.]com, we found that this page uses clickbait to obtain permission to show notifications. If allowed, columnstoodth[.]com can send deceptive notifications. Therefore, users are advised not to trust columnstoodth[.]com (avoid visiting the page and granting it
While investigating deceptive websites, our researchers discovered this fake "$PAW Token Exchange". It was endorsed on claims-pawfury[.]app (potentially on other domains). Regardless of any similarities to existing projects, platforms, and entities – this scam is not associated with any of them. T
SHAVELP**SY (censored) is ransomware our team discovered while analyzing malware samples uploaded to VirusTotal. We found that it encrypts files, appends the ".p**sylikeashavel@cyberfear.com" extension to filenames, and creates a ransom note ("README_SHAVEL.txt"). An example of how SHAVELP**SY mo
While inspecting samples submitted to VirusTotal, we discovered R2Cheats, a ransomware variant that encrypts files and appends "_R2Cheats" to filenames. It also provides a ransom note ("ransom_note.txt"). An example of how R2Cheats renames files: it changes "1.jpg" to "1.jpg_R2Cheats", "2.png" to
Our researchers discovered this fake "LINGO Airdrop" during a routine investigation. The scam entices users into exposing their wallets to a cryptocurrency drainer. Victims of this scheme experience financial loss. It must be stressed that this bogus airdrop is not associated with the actual Lingo
Our researchers found the safetydefender[.]top rogue page while inspecting dubious websites. After examining this webpage, we determined that it promotes browser notification spam and generates redirects to different (likely unreliable/dangerous) sites. Safetydefender[.]top and similar pages are