Maranhão is an information-stealing malware written in Node.js and delivered through Inno Setup installers. It targets various sensitive information, including cryptocurrency wallet data. Its infiltration can lead to privacy issues, monetary loss, and other problems. If detected on a system, Maran
Our analysis of the site (app.hyperswapx[.]exchange) has uncovered that it is a fraudulent copy of the official HyperSwap platform (app.hyperswap.exchange). The site is intended to deceive users into connecting their wallets, allowing scammers to steal their cryptocurrency. This deceptive site sho
HybridPetya is ransomware that shares similarities with Petya and NotPetya. One of the main differences is that HybridPetya can bypass UEFI Secure Boot defenses on vulnerable systems - it starts its malicious activities before the operating system even loads. Like most ransomware variants, HybridP
After reading this "Rainbow Lottery" email, we determined that it is spam. It claims that the recipient's email address has been randomly selected as a winner of one million GBP (pound sterling). The purpose of this spam campaign is to trick victims into disclosing sensitive data and potentially
Our researchers found istomegiessts.co[.]in while browsing untrustworthy sites. We determined that this rogue webpage promotes spam browser notifications and causes redirects to other (likely dubious/malicious) websites. Istomegiessts.co[.]in and similar pages are most commonly accessed via redire
While investigating suspicious websites, our researchers found this fake "Kaito" airdrop. It imitates the Kaito AI platform and promises to triple users' investments. However, digital assets sent to the cryptowallet promoted by this scam are lost, and no return is received. IMPORTANT NOTE: W
We have inspected the email and concluded that it is a phishing email disguised as a notification from an email service provider. Scammers use this scam to trick recipients into opening a fake website and entering personal information. Recipients should ignore this email to avoid account hijacking
We have reviewed searchcalm.com and concluded that it is a fake search engine. Using searchcalm.com can expose users to privacy and security risks. It is important to note that fake search engines are often promoted through unwanted extensions known as browser hijackers. Searchcalm.com is
While browsing untrustworthy sites, our research team discovered the schiditypookyph[.]com rogue webpage. It operates by promoting browser notifications spam and redirecting users to different (likely dubious/hazardous) websites. Schiditypookyph[.]com and analogous pages are most commonly accessed
Pravonexa[.]com is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. After examining this page, we learned that it promotes browser notification spam and generates redirects to other (likely untrustworthy/malicious) websites. Most visitors to webpages l