We have inspected this page (blockchainzassets.pages[.]dev) and discovered that it is a fraudulent site claiming to provide a wallet recovery service. However, the real purpose of this website is to steal cryptocurrency from users. Therefore, it is highly advisable to avoid visiting it. IMPO
Weaxor is ransomware designed to encrypt files so that victims are forced to pay the attackers for their decryption. Additionally, Weaxor appends the ".rox" extension to filenames and provides a ransom note ("RECOVERY INFO.txt"). An example of how files encrypted by Weaxor are renamed is "1.jpg" b
Our analysis of anapurnatop[.]top has shown that this page uses clickbait (a deceptive method) to receive permission to send notifications. As a rule, notifications generated by websites like anapurnatop[.]top contain fake and misleading messages, and clicking them can lead users to potentially ma
Our analysis of Violent_shark has shown that it is an unwanted extension distributed through a malicious installer (multiple security vendors flag this installer as malicious). Violent_shark has no clear functionality, but it is very likely that it could expose users to security and privacy issues
Nyxe is ransomware that we discovered during our inspection of samples uploaded to VirusTotal. Our examination revealed that Nyxe encrypts data, renames files by adding the ".nyxe" extension, creates a ransom note titled "Decryption Instructions.txt", and changes the victim's desktop wallpaper. A
We have inspected RapidFinder and found that it is a shady browser extension that functions as a browser hijacker. It hijacks a browser by modifying its settings. The purpose of RapidFinder is to promote a fake search engine. Also, this extension activates the "Managed by your organization" featur
We have inspected everestpeak[.]top and found that it displays misleading content to obtain permission to send notifications. Sites like everestpeak[.]top usually deliver unreliable notifications. Thus, everestpeak[.]top and similar web pages should be avoided (and never granted permission to show
During our inspection, we identified this as a phishing email disguised as a message about important invoice details. The scammers use this email to steal personal information from recipients. Their goal is to lure recipients into entering details on a phishing website. Recipients should ignore th
During our inspection, we identified this as a phishing email disguised as a message about important invoice details. The scammers use this email to steal personal information from recipients. Their goal is to lure recipients into entering details on a phishing website. Recipients should ignore th
We have inspected the site (claims-cybro[.]com) promoting CYBRO airdrop and found that it is designed to steal cryptocurrency from individuals. This page masquerades as the original CYBRO platform (cybro[.]io) to deceive visitors. To avoid potential financial loss, users should avoid visiting and