After inspecting this "Claim Your AVAIL Rewards" airdrop, we determined that it is fake. The scheme imitates the Avail network (availproject.org) running a giveaway. This scam – availprojectorg[.]xyz (could be hosted elsewhere) – operates as a cryptocurrency drainer. It steals funds from compromis
We have inspected the claim.scotttytheai[.]org page and discovered that it is a copy of scottytheai[.]com. The purpose of claim.scotttytheai[.]org is to deceive visitors into performing actions leading to the theft of their cryptocurrency holdings. Overall, claim.scotttytheai[.]org is a scam websi
After investigating this "LiquidEther Airdrop", we determined that it is fake. We found several webpages hosting this scam. It promises rewards to eligible users, and when they attempt to claim the gift – they are prompted to connect their digital wallets. This scheme operates as a cryptocurrency
We have inspected this email and concluded that it is a fraudulent email designed to trick recipients into infecting their computers. It contains a malicious attachment utilized for malware distribution. The letter itself is disguised as a notification regarding messages in Soundbox. The e
Our examination of the page (app.modenetwork[.]cm) has revealed that it is a scam site hosting a fake MODE cryptocurrency giveaway (airdrop). This site mimics the real Mode page, mode[.]network, to trick users. The purpose of the fake page is to steal cryptocurrency assets from victims. IMPO
zEus is a malicious program classed as a stealer. It is designed to steal information from devices. This malware can extract and exfiltrate a variety of vulnerable data from devices, including the log-in credentials of various accounts. zEus has been observed being distributed under the guise of M
We have inspected the airdrop-floki[.]homes site and found that it is a copy of the original floki[.]com page. Scammers employ airdrop-floki[.]homes to trick users into participating in a fake airdrop (giveaway). This scam website is created to steal cryptocurrency from unsuspecting individuals.
Awayurl.net is the address of a fake search engine. This website is promoted by the TraceUrl rogue browser extension, which our researchers discovered while investigating deceptive websites. This software supposedly redirects users to live sites. However, that is not how TraceUrl operates. While t
Our researchers found the MP3 Cutter Joiner Free PUA (Potentially Unwanted Application) while inspecting suspicious sites. This app was included in an installation setup promoted by a scam webpage using an adult-themed lure. The setup was also bundled with other unwanted and possibly malicious so
Discovered by Yogesh Londhe, EnigmaWave is a ransomware-type program. It operates by encrypting data (rendering it inaccessible/unusable) and demanding payment for the decryption (recovery). We acquired a sample of this ransomware and executed it on our test machine. Afterward, we found that this