Our research team discovered the "Verify You Are A Human" scam while investigating untrustworthy sites. It is essentially fake CAPTCHA authentication. This scheme is part of the ClickFix campaign and lures users into downloading/installing the Lumma stealer. However, this scam and others that use
Spy.Banker is a piece of malicious software that targets Android and iOS devices. It is capable of creating app imitations through PWAs (Progressive Web Applications) or WebAPKs; the latter is an Android-only feature wherein Google Chrome automatically generates an APK (referred to as WebAPK). At
We have inspected this scam and found that its purpose is to trick users into believing that their antivirus protection has expired. Typically, scammers use such scams to extract money or personal information from unsuspecting individuals. Thus, it is highly recommended not to interact with websit
Cthulhu is an information stealer written in the the Go programming language and designed to appear as a legitimate application. Its primary purpose is to extract credentials and cryptocurrency wallets from various stores and game accounts. The stealer seems to be available for rent to individua
Hunforandiogs[.]com is a rogue page that promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) websites. Webpages like hunforandiogs[.]com are most often accessed via redirects caused by sites utilizing rogue advertising networks. Our research team disco
After inspecting the "IMAP/POP3 TIME-OUT" email, we determined that it is spam. The message falsely claims that the recipient's email service has been temporarily restricted due to an error. This lure is used to deceive recipients into disclosing their email account log-in credentials to a phishin
Our analysis of protectkingdom[.]com has shown that it is a misleading website created to trick visitors into permitting it to send notifications. Protectkingdom[.]com and similar sites should not be allowed to show notifications, as their notifications often are fraudulent. It is worth noting tha
We have inspected this email and determined that it is a scam. The purpose of this scam email is to extract personal information and (or) money from recipients. Whoever receives such emails should ignore them and never provide any information or take other actions. This scam email claims t
Dice is ransomware that we discovered while examining malware samples uploaded to VirusTotal. Our analysis has shown that Dice encrypts files, appends its extension (".dice") to filenames, and creates a ransom note ("readme.txt"). An example of how files encrypted by Dice are renamed is "1.jpg" be
During our examination of bestautheinc[.]club, we found that this page is designed to trick visitors into granting it permission to send notifications. Bestautheinc[.]club uses a method known as clickbait to receive that permission. Usually, users unintentionally land on sites like bestautheinc[.]