GhostSpy is Android malware known for its sophisticated evasion, persistence, and device surveillance methods. Once executed, it maintains a continuous connection to its command-and-control (C2) server and enables extensive remote access and spying capabilities on the compromised device. Victims a
Our researchers discovered stylegridconnect[.]com while investigating suspicious websites. Upon analysis, we learned that this rogue page endorses scams and browser notification spam. It can also redirect users to different (likely dubious/malicious) sites. Most visitors to stylegridconnect[.]com
Katz is the name of a stealer-type malware. As the classification implies, this malicious program is designed to steal vulnerable information from infected devices and installed software. Katz targets log-in credentials, cryptocurrency wallets, and other data. This stealer is promoted as MaaS (Mal
Our research team discovered this fake "Binance" airdrop during a routine investigation of suspicious websites. The deceptive page promotes a cryptocurrency drainer, which operates by draining funds from exposed digital wallets. It must be stressed that this scam is not associated with Binance Hol
Our researchers discovered this fake "loopedHYPE (LHYPE)" airdrop while investigating suspicious websites. This scam imitates the Looped Hype (LHYPE) protocol site and operates as a cryptocurrency drainer. In other words, this bogus airdrop siphons digital assets from victims' cryptowallets.
We have inspected the website (app-hyperlend[.]com) and discovered that it is a fake site presented as the original one (hyperlend.finance). Its purpose is to lure unsuspecting visitors into taking steps that can lead to cryptocurrency theft. It is important to be careful when encountering such si
DEVMAN is ransomware that encrypts files and generates a ransom note ("README.yAGRTb.txt") containing contact and payment information. It also changes the desktop wallpaper and appends the ".yAGRTb" extension to files. For example, DEVMAN renames "1.jpg" to "1.jpg.yAGRTb", "2.png" to "2.png.yAGRTb
Our analysis of this website (launchon-sol[.]com) has shown that it is a fake site designed to trick visitors into "participating" in a fake cryptocurrency presale. Scammers behind this fraudulent web page aim to steal cryptocurrency from unsuspecting individuals. Thus, it should not be trusted.
Revupdevice.co[.]in is a rogue page that we discovered while inspecting questionable websites. This webpage endorses browser notification spam and redirects visitors to different (likely untrustworthy/dangerous) sites. Pages like revupdevice.co[.]in are primarily accessed via redirects caused by w
Our researchers discovered the SatelliteDiscovery app while reviewing new file submissions to the VirusTotal site. After analyzing this piece of software, we learned that it is adware from the AdLoad malware family. SatelliteDiscovery is designed to run intrusive ad campaigns. Advertisin