SingleCamper is an updated version of the RomCom RAT. SingleCamper was spotted being used as the primary implant in certain attacks carried out by threat actors. In these attacks, SingleCamper is responsible for executing all malicious post-compromise actions. It is loaded directly from the regist
While browsing suspicious websites, our researchers discovered this "SquidGrow Migration Claim" scam endorsed on squidgrow-claim.pages[.]dev (note that it could be hosted elsewhere). This fake page imitates the SquidGrow platform (squidgrow.wtf) and functions as a cryptocurrency drainer. IMP
During our inspection, we could not determine what exactly the RoxiApp application does. However, we discovered that it installs alongside other unwanted components, and multiple security vendors have flagged the installer distributing RoxiApp as malicious. Therefore, users should avoid installing
REVRAC is a malicious program that encrypts data and demands ransoms for its decryption. Due to this behavior, this software is classed as ransomware. On our testing system, REVRAC encrypted files and altered their filenames. Original titles were appended with a unique ID assigned to the victim a
This is a scam imitating the Swell Network (swellnetwork.io). It lures victims with a bogus cryptocurrency airdrop. This fake website operates as a cryptocurrency drainer. Victims of the "SWELL Airdrop" scheme cannot recover the stolen digital assets. IMPORTANT NOTE: We do not review crypto
This "Coinbase ($COIN) Airdrop" is a scam imitating the Coinbase cryptocurrency exchange platform (coinbase.com). Our researchers discovered this fake airdrop promoted on confirmtransac-chain[.]com, but it could be hosted elsewhere. This scheme operates as a cryptocurrency drainer – by stealing fu
We have inspected this email and learned that it is a fraudulent letter claiming to be from a hacker who has accessed the recipient's account and breached the online and personal security. The purpose of this email is to extract money (cryptocurrency) from unsuspecting recipients. Whoever received
Our inspection of the email has shown that it is a scam crafted to trick recipients into believing they have received an urgent notification from their email service provider. The scammers behind it seek to steal personal information. Such emails are known as phishing attempts. Recipients should b
This "Payment Details" email is spam. The scam message claims to contain an attachment detailing a processed payment – this is false. The goal of this spam campaign is to lure recipients into visiting a phishing site that targets email account log-in credentials. This scam email claims to
Our team has inspected this email and discovered that it is a scam email disguised as a notification regarding compensation. It has a PDF file attached to it. The attached document contains fake information to trick recipients into following the provided instructions. This scam should be ignored t