After inspecting this "Signed Invoice" email, we determined that it is spam. The message claims that the recipient could not be otherwise contacted, so they have been sent the invoice via email. This is a phishing campaign that targets email account log-in credentials through fake document-sharing
Our researchers found this "Exodus Clear Signing Activation" scam during a routine investigative session. We discovered it on exodus-clearsigning[.]com, but it could be hosted elsewhere. This scheme impersonates the official website of the Exodus cryptocurrency wallet – exodus.com. The fake page i
JinxLoader is a cross-platform loader written in the Go programming language that targets Windows and Linux operating systems. It is designed to create botnets and cause further system infections. JinxLoader has first been observed in the Autumn of 2023. After a suspected code sale to two threat
We have examined the page (rewards.mantleweb3[.]xyz) and learned that it is a scam website. It is designed to appear like the real site (mantle.xyz) and trick users into taking action that could result in cryptocurrency theft. Users should be careful when encountering such pages to avoid monetary
AutoClicker is an application created to automate the clicking of a mouse on a computer screen element. However, we found that it is distributed through torrents and similar channels, and its installer (and the app itself) is flagged as malicious by multiple security vendors. Thus, it is advisable
GhostSpider is an advanced, multi-layered backdoor that can load various modules, each designed for specific tasks or functions. This backdoor has been recently discovered and observed targeting telecommunications companies in Southeast Asia. It operates stealthily, allowing attackers to carry out
Our team has examined oppush[.]space and concluded that this web page cannot be trusted. It displays a deceptive message and requests permission to show notifications that can be used to promote unreliable content. Overall, users should avoid visiting opush[.]space and not allow it to send notific
We have inspected activesafe[.]site and discovered that it displays various fake warnings and requests permission to show notifications. Usually, users who agree to receive notifications from sites like activesafe[.]site are bombarded with annoying and misleading ads and other content. Thus, it is
We have analyzed this email and discovered that it is a fake email server notification containing a link to a phishing website. Scammers behind this fraudulent email seek to extract personal information from recipients. This email should be ignored to avoid potential negative consequences.
Our researchers discovered the Fire Shield Secure Search browser extension while investigating deceptive sites. Its promotional material endorses this software as a tool for protecting users from various online threats. After analyzing this extension, we determined that it is a browser hijacker.