ACR is a stealer-type malware with multiple versions, including a rebrand variant known as Amatera. ACR targets a variety of sensitive data, such as passwords and cryptocurrency wallets. This stealer is offered as MaaS (Malware-as-a-Service) and has been used in multiple large-scale campaigns.
Imagesearcherpro.com is a fake search engine that our research team discovered while analyzing the Image Search Pro browser hijacker. This website type cannot provide search results and redirects to legitimate search engines. They are usually promoted (via redirects) by browser hijackers. It is no
While investigating suspicious sites, our researchers found this fake "Uniswap" webpage (nextlevel[.]limited; potentially other domains). This page impersonates Uniswap, yet is in no way associated with this decentralized exchange. The scam aims to deceive users into exposing their cryptowallets t
Our research team discovered this fake "$IBVM" airdrop during a routine investigation. It masquerades as the official website of IBVM (ibvm.io). The scam tricks users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this fraudulent airdrop is not associat
Our examination of the "Confirm Your Identity" email revealed that it is spam. The message states that unless the recipient verifies their identity, they will experience email service interruptions. The purpose of this scam mail is to lure recipients into providing their email log-in credentials t
After reading this "Compensation Entitlement" email, we determined that it is spam. This message namedrops multiple real public figures and entities. It claims that the recipient is entitled to five million US dollars in compensation. It must be emphasized that the information in this email is fa
Our inspection of the "Email Is Blocked Because The Sender Is Unauthenticated" message revealed that it is spam. It claims that the emails sent by the recipient cannot be authenticated and are recognized as spam. The goal is to lure recipients into believing they are fixing this nonexistent issue
After inspecting this "UPS Delivery Notice" email, we learned that it is spam. This fake message is presented as a notification alerting the recipient of an upcoming parcel delivery. It must be emphasized that this scam email is not associated with the actual UPS. This spam campaign promotes a phi
While inspecting deceptive websites, our researchers discovered the "McAfee - Built-in Antivirus Has Detected A Threat" scam. It uses Windows and McAfee branding and claims the user's computer is infected. Typically, the goal is to deceive victims into installing or purchasing software. It must be
While inspecting new submissions to the VirusTotal platform, our research team discovered the Obscura ransomware. This malware operates by encrypting files and demanding payment for the decryption. On our test machine, Obscura encrypted files and appended their names with a ".obscura" extension.