We have examined ficullbele.co[.]in and discovered that it uses a deceptive method to trick visitors into granting it permission to send notifications to their devices. If allowed, ficullbele.co[.]in can show notifications designed to promote unreliable websites, including various scams. Thus, fic
Our analysis of the email has shown that it contains a fake notification regarding an email account update. It is crafted to lure unsuspecting recipients into opening a fake web page and disclosing personal information. Such scams are known as phishing attempts, and they should be ignored to avoid
Krypt is a ransomware-type program that encrypts data and demands a ransom for its decryption. Files encrypted by Krypt have their names altered. Original filenames are changed to a random character string and appended with a ".helpo" extension; for example, a file titled "1.jpg" on our test machi
CurlBack RAT is a remote access Trojan that allows attackers to perform various actions on infected devices. Usually, RATs like CurlBack are employed to steal sensitive information, deploy additional payloads, or perform other malicious activities. If a computer is infected with the CurlBack RAT,
We have inspected the website (novaverification.pages[.]dev) and found that it is used by scammers who aim to steal personal information from unsuspecting users. The site displays a deceptive message to extract personal details. Victims of this scam can suffer monetary loss. Thus, if encountered,
During our inspection of the site (claims-pumpbtc[.]net), we found that it is a fake website masquerading as the legitimate PumpBTC site (mainnet.pumpbtc.xyz). Scammers behind the fraudulent page aim to steal cryptocurrency from users. Users should avoid interacting with the fake site to avoid mon
GRAPELOADER is a malware used in the initial stages of an infection to collect system data, prep the device for further infiltration, and carry it out (i.e., download/install additional payloads). This malicious program has been used in a campaign that began in January 2025. This activity has bee
Our research team found the agwaravocaed.co[.]in rogue page while investigating suspicious websites. Upon examination, we determined that this webpage endorses browser notification spam and redirects visitors to other (likely unreliable/harmful) sites. The majority of visitors to agwaravocaed.co[
Our inspection of the "Service Desk" email revealed that it is spam. It claims that multiple messages failed to reach the recipient's inbox due to a server error that has already been addressed. By attempting to review the pending emails, the recipient is tricked into disclosing their account log-
While browsing dubious websites, our researchers discovered this fake "Claim Empyreal (EMP)" webpage. It imitates the Empyreal (empyrealsdk.com) platform and lures users with an airdrop of unclaimed tokens. The purpose of this scam is to trick victims into exposing their digital wallets to a crypt