Our team has inspected the email and discovered that it is a fraudulent message claiming that the recipient can receive a large sum of money. Typically, scammers behind such emails seek to extract personal information from recipients or steal money from them. Either way, these emails should be ign
Geeesx.co[.]in is a rogue page that promotes browser notification spam and generates redirects to different (likely untrustworthy/harmful) websites. Most users access webpages like geeesx.co[.]in via redirects caused by sites employing rogue advertising networks. Our researchers discovered this pa
Our researchers found the nnoomm.co[.]in rogue page while inspecting dubious websites. Upon examination, we learned that this webpage promotes online scams and browser notification spam. It can also redirect visitors to other (likely unreliable/hazardous) sites. Users primarily access pages like
Our researchers discovered the hijnis[.]sbs rogue page while investigating untrustworthy websites. After examining the webpage, we learned that it endorses scams and spam browser notifications. Additionally, hijnis[.]sbs can produce redirects to different (likely unreliable/harmful) sites. The ma
After inspecting this "Signed Invoice" email, we determined that it is spam. The message claims that the recipient could not be otherwise contacted, so they have been sent the invoice via email. This is a phishing campaign that targets email account log-in credentials through fake document-sharing
Our researchers found this "Exodus Clear Signing Activation" scam during a routine investigative session. We discovered it on exodus-clearsigning[.]com, but it could be hosted elsewhere. This scheme impersonates the official website of the Exodus cryptocurrency wallet – exodus.com. The fake page i
JinxLoader is a cross-platform loader written in the Go programming language that targets Windows and Linux operating systems. It is designed to create botnets and cause further system infections. JinxLoader has first been observed in the Autumn of 2023. After a suspected code sale to two threat
We have examined the page (rewards.mantleweb3[.]xyz) and learned that it is a scam website. It is designed to appear like the real site (mantle.xyz) and trick users into taking action that could result in cryptocurrency theft. Users should be careful when encountering such pages to avoid monetary
AutoClicker is an application created to automate the clicking of a mouse on a computer screen element. However, we found that it is distributed through torrents and similar channels, and its installer (and the app itself) is flagged as malicious by multiple security vendors. Thus, it is advisable
GhostSpider is an advanced, multi-layered backdoor that can load various modules, each designed for specific tasks or functions. This backdoor has been recently discovered and observed targeting telecommunications companies in Southeast Asia. It operates stealthily, allowing attackers to carry out