After inspecting this "Grass Foundation" website (claim-grassfoundation.pages[.]dev) we determined that it is fake. It impersonates the Getgrass (Grass) network (getgrass.io). The imitator page is a phishing site that targets cryptocurrency wallet log-in credentials. IMPORTANT NOTE: We do no
Our inspection of the page (dotmoovsv2.pages[.]dev) has shown that it is a deceptive site pretending to be the original one (dotmoovs.com). The sammers behind it seek to steal cryptocurrency from individuals. Users should be cautious online to avoid falling for scams like dotmoovsv2.pages[.]dev.
After inspecting this "Two-Factor Authentication (2FA)" email, we determined that it is spam. This fake message encourages the recipient to improve their account security to avoid service interruptions. The goal is to promote a phishing website that targets email account log-in credentials.
We have reviewed this website (permaswap[.]org) and learned that it is a fraudulent copy of the real site (permaswap.network). The fake web page is intended to trick visitors into taking actions that could result in the theft of their cryptocurrency. Therefore, permaswap[.]org should be avoided.
Upon examining this "Join MetaMask 3.0" website (server1.update-metamask.workers[.]dev), we determined that it is fake. It masquerades as the official site of the MetaMask cryptocurrency wallet. This "Join MetaMask 3.0" scam aims to trick users into exposing their digital wallets to a crypto drain
During a routine investigation, our researchers discovered this fake "Privasea Registration" site (registration-privasea[.]org; other domains are possible). The scam imitates the Privasea AI Network (privasea.ai) and promises rewards to entice users into exposing their digital wallets to a crypto
Our team has examined the website (registration-somogames[.]com) and found that it is a scam website posing as the real SOMO page (somo.xyz). We also found that the purpose of the fraudulent page is to steal cryptocurrency. Therefore, it is highly advisable to avoid this site and always verify the
Our team has analyzed this scam campaign and found that there are at least two versions of this scam email. In both cases, the goal is to trick recipients into disclosing personal information on a deceptive website. Emails of this type are called phishing emails. Recipients should avoid such email
DARKSET is a malicious program categorized as ransomware. It is designed to encrypt files and demand ransoms for their decryption. On our testing system, DARKSET encrypted files and added a ".DARKSET" extension. For example, a file initially named "1.jpg" looked like "1.jpg.DARKSET", "2.png" as "
We have examined Arcus and found that it is ransomware with two variants, one of which is based on Phobos ransomware. It encrypts files and appends an extension to filenames (the extension depends on the ransomware variant). Also, Arcus provides a ransom note (the Phobos variant generates an "info