ZipLOCK is ransomware that, unlike most malware of this type, does not encrypt files. It puts the victim's files into a password-protected ZIP file. Also, ZipLOCK creates a ransom note ("[ZipLOCK]INSTRUCTIONS.txt") and renames archived files by prepending "[ZipLOCK]" and appending ".zip". For exa
Our examination of the page (worldscoins-claims.pages.dev) reveals that it is a scam website aimed at stealing cryptocurrency from unsuspecting users. The site imitates world[.]org (the real website) to mislead visitors. This and similar sites should be recognized as scams and avoided. IMPOR
While examining the MAVIA Registration site (register-mavia[.]app), we discovered that it is a fraudulent page posing as the real site (mavia[.]com). The purpose of the fake page is to trick visitors into "registering" and stealing their cryptocurrency. Thus, it is highly advisable to avoid sites
While inspecting suspect websites, our researchers discovered the diddylliker[.]com rogue page. After investigating it, we learned that this webpage endorses browser notification spam and generates redirects to different (likely dubious/malicious) sites. Users primarily enter pages like diddyllik
Our researchers discovered this fake "OPTIMISM Airdrop" promoted on optimismclaim.pages[.]dev (could be hosted elsewhere). The scam imitates the Optimism network (optimism.io) running an airdrop. Instead of distributing tokens, this scheme functions as a cryptocurrency drainer. Victims of this hoa
Blue is a ransomware based on another named SHINRA. Malicious software within this classification encrypts data and demands ransoms for the decryption. On our testing system, Blue encrypted files and renamed them. Original filenames were changed to a random character string and appended with a ".
After reading this "Donation To Charity Through You" email, we determined that it is spam. This letter seeks aid from the recipient in distributing the sender's funds to charity. Supposedly, the recipient will be rewarded monetarily for their help. This spam mail most likely seeks to trick victims
We have reviewed streamuberswiftthe-file[.]top and found that it displays deceptive content designed to manipulate visitors into consenting to receive notifications. Websites that use clickbait or other techniques to obtain permission to send notifications should be avoided. If streamuberswiftthe-
Kral is an information-stealing malware delivered via a downloader with the same name and other similarities. It is known that Kral stealer targets cryptocurrency wallets and browser data. Systems that may be infected with this malware should be scanned using a reputable security tool as soon as p
Laiphuphegrohu[.]com is a rogue page that promotes dubious content and browser notification spam. It can also redirect visitors to other (likely untrustworthy/hazardous) websites. Most visitors to these kinds of webpages access them via redirects caused by sites that utilize rogue advertising net