During our inspection of the website (qnt-sushi[.]top), we found that it mimics the official Sushi page (sushi.com). The purpose of the fake site is to steal cryptocurrency holdings from unsuspecting individuals. Scammers behind the fraudulent page offer users rewards as a lure. This page should b
Winos4.0 is a malicious framework composed of multiple modules. Attackers can use such malware to carry out varied and multi-functional infections. Winos4.0 functions as a backdoor, a type of malware capable of causing further infections. The framework's capabilities are expanded through the intr
While browsing suspicious sites, our researchers discovered this fake "TRIAS Token Contract Swap" on newtriasmigrate[.]website (other domains are not unlikely). The scam imitates the official Trias site (trias.one), and attempts to lure users into exposing their digital wallets to a crypto draine
Our team has examined this email and found that it is intended to appear as a notification from an email service provider regarding account security. This is a phishing email crafted by scammers who aim to steal personal information from recipients. It is worth noting that there are two versions o
Our team has examined Scp ransomware (which we discovered during an analysis of malware samples submitted to the VirusTotal platform) and found that it belongs to the Makop family. Once infiltrated, Scp encrypts files, modifies filenames (by appending the victim's ID, an email address, and the ".s
After examining "Server Has Been Updated - Refresh Your Email", we determined that it is spam. This fake message states that multiple emails were undelivered, and the account must be refreshed to release them into the inbox. This mail promotes a phishing website targeting email account log-in cred
We have inspected andespath[.]top and discovered that it is created to lure visitors into accepting its notifications. Once permission is granted, andespath[.]top can show deceptive notifications. Therefore, users should avoid visiting andespath[.]top and never consent to receive notifications fro
Lotus-tab.com is a fake search engine. Typically, these sites cannot provide search results and redirect to legitimate search engines. Fraudulent search engines are commonly promoted (via redirects) by browser hijackers. At the time of research, lotus-tab.com was endorsed by Lotus - Your Daily Fo
While browsing suspect websites, our researchers found one promoting a rogue installer. Upon examination, we learned that it carries KipcApp – a PUA (Potentially Unwanted Application). The setup included multiple pieces of other suspicious software. PUAs are considered a threat, as they typically
The "Avoid Mailbox Interruption" email is spam. This fake message claims that incoming emails have been placed on hold. The goal of this mail is to trick recipients into visiting a phishing site that seeks to extract their account log-in credentials. This scam email states that incoming me