While investigating suspicious sites, our research team discovered this fake "Trust Wallet Airdrop". The scam imitates the official Trust Wallet website – trustwallet.com; not only in appearance but also with its URL – claiming-trustwallet[.]com (other domains are possible). It must be emphasized
PXA stealer is a type of malware designed to steal vulnerable information. This malicious program is written in the Python programming language. PXA stealer targets various log-in credentials, credit card numbers, cryptowallets, and other sensitive data. It is known that the cyber criminals behin
"Fake BitPay Wallet" refers to a scam that masquerades as the official website of BitPay (bitpay.com) – a cryptocurrency payment service provider. The fake page claims that 1.824 BTC (Bitcoin cryptocurrency) is pending transfer to the user's wallet. The goal is to deceive the victim into paying a
Glove is an information stealer written in .NET. It is capable of harvesting sensitive information from browsers (including added extensions) and software installed on computers. Threat actors have been observed distributing Glove stealer through deceptive emails. Infected computers should be scan
Thi-tl is a series of domains with different numbers in their URLs. We discovered the purpose of these pages is to trick visitors into permitting them to show notifications. When on thi-tl sites, users are presented with a misleading message (or messages). Pages that use deception to obtain permis
While investigating new malware submissions to VirusTotal, our researchers discovered the Biobio ransomware. It is a variant of the Kasper ransomware. Programs of this kind encrypt data and demand ransoms for its decryption. On our test machine, Biobio (Kasper) ransomware encrypted files and modi
Our researchers discovered befimtiboagop[.]com during a routine inspection of dubious websites. Upon examination, we learned that this rogue page promotes browser notification spam and redirects to other (likely unreliable/hazardous) sites. Most visitors enter befimtiboagop[.]com and webpages akin
Our inspection of wouldlottads[.]top revealed it to be a deceptive webpage designed to gain permission to send notifications using clickbait tactics. Users should avoid visiting wouldlottads[.]top and similar sites. If you have already granted wouldlottads[.]top permission to send notifications, i
During our inspection of thedilgad[.]top, we found it to be a deceptive web page. It is designed to obtain permission to show notifications through clickbait. Users should avoid visiting thedilgad[.]top and similar web pages. If thedilgad[.]top already has permission to send notifications, this pe
We have inspected alkads[.]com and learned that it is a shady website created to deceive visitors into granting it permission to display notifications. Like most web pages of this type, alkads[.]com uses clickbait to obtain that permission. Users should avoid visiting alkads[.]com and similar site