While investigating suspicious websites, our research team discovered this "Lombard ($BARD) Staking" scam. It impersonates the Lombard Finance platform (lombard.finance) and offers point rewards for staking BARD tokens. The fake page operates as a cryptocurrency drainer – by siphoning funds from e
"Your Account Access Needs Reconfirmation" is a phishing email. It claims that the recipient's email must be reconfirmed as part of the routine account maintenance. This spam campaign aims to lure recipients into entering their account log-in credentials to a phishing website. The spam ema
While browsing suspicious websites, our research team discovered this fake "Zebec Network Rewards" page. It promises rewards to early Zebec platform's native token holders. It must be emphasized that this scam is not associated with the real Zebec platform (zebec.io). "Zebec Network Rewards" opera
SilentSync is a Python-based remote access Trojan (RAT) targeting multiple operating systems. It allows cybercriminals to steal sensitive information and perform other malicious tasks. If detected on a device, SilentSync should be removed using a reliable security tool as soon as possible to avoid
This "Google Voice" webpage is a phishing scam. The page claims the user has received a secure voicemail and lures them into disclosing their Gmail account log-in credentials. It must be stressed that this scam is not associated with any legitimate services or entities. This scam states th
MostereRAT is a remote access Trojan written in Easy Programming Language (EPL). It can be extended with new capabilities, deliver additional payloads, extract sensitive information, and employ evasion techniques. If the system is infected with MostereRAT, a scan using a reliable security tool sho
News-cufohe[.]cc is a rogue webpage designed to promote browser notification spam and redirect users to different (likely unreliable/hazardous) sites. The majority of visitors to news-cufohe[.]cc and analogous pages access them through redirects generated by websites utilizing rogue advertising n
Our researchers discovered the news-cowasu[.]cc rogue webpage while investigating dubious websites. Upon examination, we learned that this page promotes browser notification spam and produces redirects to different (likely unreliable/hazardous) sites. News-cowasu[.]cc and similar webpages are mos
Our analysis shows that neukdwithmefe[.]com employs a deceptive tactic to convince visitors to grant permission for notifications. Once allowed, the site can send misleading alerts containing links to other untrustworthy or potentially harmful websites. Users are advised to avoid visiting neukdwit
HiveWare is ransomware that we discovered during our routine inspection of samples uploaded to VirusTotal. Our research shows that HiveWare encrypts files and appends the ".HIVELOCKED" extension to them. For example, it renames "1.jpg" to "1.jpg.HIVELOCKED", "2.png" to "2.png.HIVELOCKED", etc. It