During our examination of dubious websites, our researchers came across opneclawai[.]top - a fraudulent page mimicking the legitimate OpenClaw AI platform (openclaw.ai). The site poses as an AI-powered trading analyst for Solana tokens and prompts visitors to connect their cryptocurrency wallets.
While inspecting suspicious pages, our researchers came across nearprotocol-checker[.]xyz, a website pretending to be tied to the NEAR Protocol. It promotes a fake "$NEAR Points Allocation Checker" and is built to drain cryptocurrency from wallets that connect to it. IMPORTANT NOTE: We do no
We analyzed this email and found it to be malspam. The message poses as a shipping notification, urging recipients to click a link to check their order and tracking details. The link leads to a fraudulent website that silently downloads a trojanized remote access tool onto the visitor's device. Th
We have examined this email and determined it is a phishing scam. The message is disguised as an urgent security notice from an internal IT team, urging recipients to verify their email account ownership. It should be ignored to avoid having email credentials stolen by cybercriminals. The
We have examined this email and determined it is a scam. It is crafted to appear as a business inquiry from a LinkedIn buyer, complete with what claims to be a signed contract attachment. The file attached is a malicious HTML document that, when opened, displays a fake LinkedIn login page designed
Gines is ransomware belonging to the Makop family. We discovered it while examining new malware samples submitted to the VirusTotal website. It encrypts files, appends a complex extension to their filenames, drops a ransom note, and changes the desktop wallpaper. On our test machine, Gines append
During our investigation of suspicious cryptocurrency sites, our team came across apyx[.]team - a fraudulent page promoting a fake "APYX Token Launch" voting event. The site claims visitors can earn rewards by casting a "Genesis Vote," but it is actually designed to steal cryptocurrency by trickin
Our researchers discovered zenithflowrentix.co[.]in while investigating dubious websites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/dangerous) sites. Zenithflowrentix.co[.]in presents visito
Our analysis has revealed that pointlabsgrowth[.]com is designed to trick visitors into agreeing to receive browser notifications. The website uses a fake reCAPTCHA verification message as a lure. If permitted, pointlabsgrowth[.]com can deliver fake security warnings and other misleading notificat
Our research team found the labsgrowthworks[.]com rogue page while investigating suspicious websites. After examining this webpage, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable or dangerous) sites. labsgrowthworks[.]com uses a