"Lido $stETH Airdrop" is a scam that imitates the Lido platform (lido.fi). It lures users with an stETH cryptocurrency token airdrop. However, this giveaway is fake and it is not associated with Lido or any other existing platforms and entities. This "Lido $stETH Airdrop" scheme is a cryptocurren
While investigating deceptive sites, our researchers discovered this fake "EtherMail ($EMT) Airdrop". The scam impersonates the EtherMail platform (ethermail.io) running an EMT (EMAIL) token airdrop. It must be emphasized that this giveaway is fake, and it is not associated with the real EtherMai
Our team has checked this email and learned that it masquerades as an alert from an email service provider. Scammers behind this fraudulent email aim to lure recipients into opening a fake website and disclosing personal information. Scams of this type are known as phishing attempts. Recipients sh
While browsing new malware submissions to VirusTotal, our researchers discovered the XIXTEXRZ ransomware. Malicious software of this kind encrypts files and demands ransoms for the decryption. On our test machine, XIXTEXRZ encrypted files and appended their names with a ".crypted" extension. To e
While inspecting rogue pages, our researchers discovered this fake "Soneium Registration" website (event-soneium[.]org; note that it could be hosted elsewhere). It is presented as a blockchain platform, but this scam page is not associated with existing ones or any legitimate entities. This schem
We have inspected the page (register.nodeainetwork[.]com) and discovered that it is a fraudulent website mimicking nodes[.]ai, a legitimate platform. The purpose of the fake web page is to trick visitors into taking action that could lead to significant financial losses. Therefore, this website sh
During our analysis of the page (binance-airdrop-carv[.]info), we determined that it is a scam website. It is designed to trick visitors into believing they can participate in a cryptocurrency giveaway. Scammers behind this fraudulent scheme aim to trick unsuspecting individuals into taking action
Our researchers found ationiamcur[.]com while browsing untrustworthy sites. This rogue page is designed to promote spam browser notifications and generate redirects to various (likely dubious/dangerous) websites. Ationiamcur[.]com and similar webpages are most commonly accessed via redirects caus
Our examination of awksqa[.]com has revealed that the website uses clickbait to deceive visitors into granting it permission to display notifications. Web pages like awksqa[.]com often promote other untrustworthy sites. Thus, users should not visit them and never accept their notifications.
Our researchers found the Spider ransomware during a routine inspection of new file submissions to the VirusTotal site. This program is part of the MedusaLocker ransomware family. Spider is designed to encrypt data and demand ransoms for its decryption; this malware utilizes double-extortion tacti