After examining the "You Have Received A File" email, we determined that it is spam. This message lures recipients with a false claim concerning a sent file. By trusting the email, users are deceived into disclosing their account log-in credentials (passwords) to a phishing website. The sp
KcozApp is a PUA (Potentially Unwanted Application) discovered by our researchers while analyzing a rogue installer. The installation setup was found promoted by a deceptive site. It also contained other suspicious software, aside from KcozApp. PUAs usually possess harmful capabilities, thus havin
While investigating dubious websites, our researchers discovered several pages promoting the "ROBOTAXI ($TAXI)" scam coin. Purchasing this token is a worthless investment. It is possible that this coin was created to leverage user interest in the recently announced Tesla Cybercab. IMPORTANT
During a routine investigative session, our researchers discovered a fake "Puffer Airdrop" on app-pufferfi[.]co (keep in mind that the scam could be hosted on other domains). The scheme impersonates the Puffer Finance platform (puffer.fi) but is in no way associated with it or any other existing
We have analyzed the website (dappsy.pages[.]dev) and found that it is a fraudulent site mimicking the OpenSeaPro platform (a legitimate token marketplace). This site is controlled by scammers who seek to trick unsuspecting individuals into taking actions that allow scammers to steal cryptocurrenc
SilentCryptoMiner is a piece of malware capable of mining and stealing cryptocurrency. Also, the malware has remote control functionality. In addition to these functionalities, the malware has configuration and stealth capabilities. Victims should eliminate SilentCryptoMiner from computers as soon
Captcha-desktop is a series of websites, including captcha-desktop-ver-1-121[.]buzz, with different numbers within their URLs. These sites display deceptive content to deceive visitors into allowing them to show notifications. Also, captcha-desktop pages can redirect users to other untrustworthy s
While investigating dubious websites, our research team discovered the cbirka[.]com rogue page. It operates by endorsing browser notification spam and generating redirects to other (likely dubious/dangerous) sites. Most visitors to cbirka[.]com and webpages akin to it access them via redirects ca
This "Defi Origin" platform (defionline.pages[.]dev; may be hosted elsewhere) is fake. The scam operates as a cryptocurrency drainer. Essentially, digital assets are stolen from exposed cryptowallets. Regardless of potential similarities to existing platforms, this scheme is not associated with an
Our team has examined avys.co[.]in and discovered that this website is deceptive. Its main goal is to entice visitors to allow it to display notifications. If granted permission, avys.co[.]in can send fake notifications (e.g., bogus warnings). Therefore, users should not trust this web page.