XAVIER ERA is information-stealing malware designed to extract sensitive data from web browsers and other applications. This malware poses significant risks to user privacy and security. Thus, victims should eliminate it from affected systems as soon as possible to avoid identity theft, monetary l
In our examination of the email, we determined it to be a fraudulent message about a supposed prize win. It is crafted to deceive recipients into thinking they have won a large amount of money. The scammers' objective is to extract personal information and/or money from the recipients. Thus, this
Our examination of the website (airdrop-peanut[.]com) has revealed that it is a copy of the original site (peanut-coin[.]xyz). The fake web page is designed to trick visitors into believing that they can participate in a crypto giveaway. Anyone who falls victim to this scam could face serious fina
Our review of the email has revealed that it is a fraudulent message pretending to be from the World Bank Group regarding a confirmed overdue payment. This scam email is designed to deceive recipients into providing personal information and (or) sending money to the scammers. It should not be trus
We have examined the site (freedumfightersapp.pages[.]dev) and determined that it is operated by fraudsters. The scammers behind this page seek to entice visitors into actions that could lead to the draining of their cryptocurrency wallets. Therefore, it is important to be careful when encounterin
We have inspected this page (blockchainzassets.pages[.]dev) and discovered that it is a fraudulent site claiming to provide a wallet recovery service. However, the real purpose of this website is to steal cryptocurrency from users. Therefore, it is highly advisable to avoid visiting it. IMPO
Weaxor is ransomware designed to encrypt files so that victims are forced to pay the attackers for their decryption. Additionally, Weaxor appends the ".rox" extension to filenames and provides a ransom note ("RECOVERY INFO.txt"). An example of how files encrypted by Weaxor are renamed is "1.jpg" b
Our analysis of anapurnatop[.]top has shown that this page uses clickbait (a deceptive method) to receive permission to send notifications. As a rule, notifications generated by websites like anapurnatop[.]top contain fake and misleading messages, and clicking them can lead users to potentially ma
Our analysis of Violent_shark has shown that it is an unwanted extension distributed through a malicious installer (multiple security vendors flag this installer as malicious). Violent_shark has no clear functionality, but it is very likely that it could expose users to security and privacy issues
Nyxe is ransomware that we discovered during our inspection of samples uploaded to VirusTotal. Our examination revealed that Nyxe encrypts data, renames files by adding the ".nyxe" extension, creates a ransom note titled "Decryption Instructions.txt", and changes the victim's desktop wallpaper. A