Upon inspection of the "Claim Your Dreamloops NFT Mystery Box" email, we determined that it is spam. This letter lures users into visiting a scam website by promising the chance to claim a mystery box containing various valuable rewards. At the time of research, this spam mail promoted the "Axie
"Axie Infinity Claim" is a scam impersonating the Axie Infinity blockchain game website. The fake page – conorandrobin[.]com (could be hosted elsewhere) – supposedly allows users to claim NFTs (Non-Fungible Tokens). Instead, users who connect their digital wallets expose them to a crypto drainer.
BLASSA is a malicious program categorized as ransomware. Malware of this kind operates by encrypting data and demanding ransoms for its decryption. After we executed a sample of BLASSA on our test machine, it encrypted files and added a ".blassa" extension to their filenames. For example, a file
Our team has inspected withbtrads[.]top and learned that this website cannot be trusted. It displays deceptive content (uses a clickbait technique) to obtain permission to show notifications. Typically, when users agree to receive notifications from such pages, they are bombarded with fake warning
CrypticSociety is ransomware designed to encrypt files. It is identical to another ransomware variant known as Blue. In addition to encrypting files, CrypticSociety renames them and provides a ransom note ("#HowToRecover.txt"). It replaces the names of encrypted files with a random string and appe
This "CARV Airdrop" is fake. We found this scam on carv-quests.pages[.]dev, but it could be hosted elsewhere. It is disguised as the CARV platform (carv.io) running an airdrop. Users lured into connecting their digital wallets to this scheme expose them to a cryptocurrency drainer. IMPORTANT
While inspecting clickbtrads[.]top, we found that this page uses clickbait to obtain permission to show notifications. Sites that use deceptive techniques to obtain this permission usually deliver misleading notifications. Therefore, it is important to avoid visiting clickbtrads[.]top and acceptin
ZipLOCK is ransomware that, unlike most malware of this type, does not encrypt files. It puts the victim's files into a password-protected ZIP file. Also, ZipLOCK creates a ransom note ("[ZipLOCK]INSTRUCTIONS.txt") and renames archived files by prepending "[ZipLOCK]" and appending ".zip". For exa
Our examination of the page (worldscoins-claims.pages.dev) reveals that it is a scam website aimed at stealing cryptocurrency from unsuspecting users. The site imitates world[.]org (the real website) to mislead visitors. This and similar sites should be recognized as scams and avoided. IMPOR
While examining the MAVIA Registration site (register-mavia[.]app), we discovered that it is a fraudulent page posing as the real site (mavia[.]com). The purpose of the fake page is to trick visitors into "registering" and stealing their cryptocurrency. Thus, it is highly advisable to avoid sites