While browsing suspect websites, our researchers found one promoting a rogue installer. Upon examination, we learned that it carries KipcApp – a PUA (Potentially Unwanted Application). The setup included multiple pieces of other suspicious software. PUAs are considered a threat, as they typically
The "Avoid Mailbox Interruption" email is spam. This fake message claims that incoming emails have been placed on hold. The goal of this mail is to trick recipients into visiting a phishing site that seeks to extract their account log-in credentials. This scam email states that incoming me
We have inspected this email and concluded that it is a phishing email. It is created to appear as a legitimate message regarding an ability to claim a large sum of money. Scammers behind this deceptive email aim to steal personal information and (or) money from unsuspecting recipients. Th
During a routine investigative session, our research team discovered this fake "$APU Airdrop Registration" website (allocation-apustaja[.]com; potentially, other domains). The page is presented as the official site of the APU cryptocurrency token (apu.com), which is running a limited-time airdrop
During our analysis of VipKeyLogger, we found that it is malware operating as a keylogger (keystroke logger). Threat actors use malware of this type to steal sensitive information from victims. We discovered that VipKeyLogger is delivered using fraudulent emails containing a malicious attachment.
CryptoAITools is the name of a cross-platform malware that seeks to steal cryptocurrency. This software can infect Windows and Mac operating systems. CryptoAITools is a malicious Python package, and it has been distributed via PyPI (Python Package Index) and GitHub. In the known campaigns, this m
After inspecting the "American Express - Payment On Hold" email, we determined that it is fake. This spam mail informs the recipient of a pending merchant credit, which will be charged after 48 hours. This email aims to lure recipients into visiting a phishing site that targets American Express ac
Our team has inspected the site and found that it hosts a fake airdrop (cryptocurrency giveaway). In this scam, fraudsters aim to trick individuals into believing that they can receive $SpaceX coins. However, whoever falls for this scam will likely lose their cryptocurrency holdings. Thus, this we
We have examined the Volume booster - Increase Volume extension and discovered that it has traits of adware. This extension promotes potentially malicious apps, websites, and more. Therefore, it is highly advisable not to trust Volume booster - Increase Volume extension and remove it from a web br
Our analysis of travelbugtab.com revealed that it is a fake search engine promoted through a browser hijacker, an extension called Travel Bug. Users should avoid adding browser hijackers and using shady search engines to avoid exposure to potentially malicious pages, scams, and other threats. If t