Our examination of the page (kinto-19q.pages[.]dev) has shown that it is a copy of kinto[.]xyz. The fake website is created by scammers who indent to steal cryptocurrency from unsuspecting individuals. They aim to achieve it by tricking individuals into taking specific steps. Thus, kinto-19q.pages
We have reviewed the email and found that it is written by scammers who pretend to be representatives of WalletConnect, a legitimate IT service management company. This scam email is utilized to trick recipients into disclosing personal information via a fake web page. Recipients should ignore thi
This "CoinMarketCap Token Presale" is fake. The scam is supposedly running a presale event with a 10% bonus, and when users attempt to participate – they are tricked into exposing their digital wallets to a cryptocurrency drainer. Hence, victims of this scam can lose all or most of the funds stor
CyberVolk is ransomware designed to encrypt files and append the ".cvenc" extension to filenames. Also, CyberVolk displays a pop-up window and creates the "CyberVolk_ReadMe.txt" file containing a ransom note. An example of how CyberVolk renames files: it changes "1.jpg" to "1.jpg.cvenc", "2.png" t
After examining UpgradeConnection, we discovered that it generates multiple intrusive advertisements. Therefore, we have categorized UpgradeConnection as adware. Such software is often marketed as useful without fully disclosing its functionality. Users are advised not to download and install ap
Cyb3r Bytes is a variant of CyberVolk ransomware. Once a computer is infected with Cyb3r Bytes, files become encrypted and the ".cvenc" extension is appended to their filenames. Also, two ransom notes containing similar text are generated: a pop-up window and the "CyberVolk_ReadMe.txt" file. An e
Upon inspecting ParameterNetwork, we found that it is designed to generate various intrusive advertisements. Thus, we classified ParameterNetwork as adware. It is common for software of this type to be promoted as useful without mentioning that it delivers ads. Users should avoid installing apps
Our researchers found the Sorcery ransomware while browsing file submissions to the VirusTotal platform. This malicious program is designed to encrypt data and demand ransoms for its decryption. After we executed a sample of Sorcery on our testing system, it encrypted files and added a ".sorcery"
After inspecting this "Fantasy On Blast Airdrop", we determined that it is fake. When users try to take part in this hoax airdrop, they are deceived into exposing their digital wallets to a cryptocurrency drainer. Victims of this scam experience financial loss. IMPORTANT NOTE: We do not revi
Our researchers discovered the FilterSkill application while investigating file submissions to the VirusTotal platform. After examining FilterSkill, we learned that it is advertising-supported software (adware). This app is part of the AdLoad malware family. It is designed to feed users with unw