"Check MoveDrop Eligibility" is a scam that we discovered on movement-network[.]xyz (could be hosted elsewhere). It imitates Movement Network (movementnetwork.xyz) running an airdrop. Users are lured into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this
After reviewing the email, we have determined that it is a scam pretending to be a notification from Google about a lottery win. Scam emails like this one are usually used to extract personal information or money from unsuspecting recipients. It is important to recognize such emails and avoid resp
GodLoader is malware delivered by exploiting the Godot Engine, a popular open-source game engine. Potential victims include users of Godot-developed games downloading mods or other content from a GitHub network known as Stargazers Ghost Network. Threat actors have been observed using GodLoader to
In our examination of the website (checker.plena-finances[.]co), we discovered that it poses as the original site, plena.finance. The fake website is designed to trick individuals into taking action that can result in significant monetary losses. It is highly advisable to be careful when encounter
During our analysis of malware samples uploaded to VirusTotal, we discovered Arachna, a malware designed to operate as ransomware. Upon infiltration, Arachna encrypts files, provides two ransom notes (in the "Restore-Files-Guide.txt" file and pop-up window), and modifies filenames. Arachna append
Our researchers found the trafficwatchers[.]com rogue webpage while browsing questionable sites. After inspecting this page, we learned that it endorses browser notification spam and causes redirects to different (likely unreliable/dangerous) websites. Most users enter webpages like trafficwatche
Chlemi[.]com is a rogue page discovered by our researchers during a routine investigation of questionable websites. Our examination revealed that this webpage promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Most visitors enter chlemi[.]com
Our researchers found the bolingor.co[.]in rogue page while investigating suspect websites. After inspecting this webpage, we determined that it endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) sites. Most visitors access pages like bolingor.co[.]in
Our inspection of "Email Address Included In The Blacklist" revealed that it is spam. This fake letter claims that the recipient's email account must be verified. By baiting users into believing that their email will be permanently closed, this message lures them into a phishing site that targets
We have analyzed tolottads[.]top and found that it is one of the numerous web pages that utilize clickbait or other deceptive techniques to obtain permission from visitors to show them notifications. If allowed, tolottads[.]top might display a variety of deceptive notifications. Thus, users should