SMD69 is a stealer-type malware. It is designed to extract and exfiltrate vulnerable data from infected systems. Stealers can also possess other harmful capabilities. SMD69 has been observed being proliferating using the ClickFix scam technique. As mentioned in the introduction, SMD69 is a
While examining the GuardFlare extension, we noticed that it can generate various advertisements. For this reason, we classified it as adware. Additionally, we discovered that GuardFlare can activate the "Managed by your organization" feature. It is worth noting that the installer distributing thi
During our inspection of QuickFind, we found that this extension is a browser hijacker. It is designed to change the settings of a web browser to promote a fake search engine (finditfasts.com). Also, QuickFind enables the "Managed by your organization" feature and is distributed alongside another
While inspecting allowflix[.]com, we discovered that it is one of the numerous web pages using clickbait to obtain permission to show notifications. As a rule, notifications from pages like allowflix[.]com are misleading/deceptive. Therefore, users should not agree to receive notifications from al
During our examination of the site (catzclaim.pages[.]dev) promoting a $CATS airdrop, we found that it is not a legitimate crypto giveaway. Usually, these types of scams are used to extract money or personal information from unsuspecting individuals. Thus, it is advisable not to trust this platfor
"Lido $stETH Airdrop" is a scam that imitates the Lido platform (lido.fi). It lures users with an stETH cryptocurrency token airdrop. However, this giveaway is fake and it is not associated with Lido or any other existing platforms and entities. This "Lido $stETH Airdrop" scheme is a cryptocurren
While investigating deceptive sites, our researchers discovered this fake "EtherMail ($EMT) Airdrop". The scam impersonates the EtherMail platform (ethermail.io) running an EMT (EMAIL) token airdrop. It must be emphasized that this giveaway is fake, and it is not associated with the real EtherMai
Our team has checked this email and learned that it masquerades as an alert from an email service provider. Scammers behind this fraudulent email aim to lure recipients into opening a fake website and disclosing personal information. Scams of this type are known as phishing attempts. Recipients sh
While browsing new malware submissions to VirusTotal, our researchers discovered the XIXTEXRZ ransomware. Malicious software of this kind encrypts files and demands ransoms for the decryption. On our test machine, XIXTEXRZ encrypted files and appended their names with a ".crypted" extension. To e
While inspecting rogue pages, our researchers discovered this fake "Soneium Registration" website (event-soneium[.]org; note that it could be hosted elsewhere). It is presented as a blockchain platform, but this scam page is not associated with existing ones or any legitimate entities. This schem