While browsing malware submissions to the VirusTotal platform, our researchers discovered a malicious program named ZHO. It is based on Chaos ransomware. Once launched on our testing system, ZHO ransomware encrypted files and changed their filenames. Initial titles were appended with an extension
We have analyzed the site (punkaisol[.]com) and determined that it is a scam website offering individuals to participate in a cryptocurrency airdrop (giveaway). This fraudulent page is a copy of the original Punk AI site (punkai[.]meme). Scammers created this scam site to steal cryptocurrency.
During our evaluation, we found that last-page.co is supposed to be a search engine. We also found that last-page.co is promoted via a browser hijacker (an app called Last-Page Architecture Browser Backgrounds). Usually, browser hijackers change the settings of web browsers to force users to visit
We have analyzed the site (linea-airdrop[.]lol) and found that it is a deceptive page mimicking linea[.]build, the real Line web page. The purpose of the fraudulent web page is to trick users into participating in a fake giveaway (airdrop). Ultimately, scammers aim to steal cryptocurrency from use
Searchthisall.com is the address of a fake search engine, which we found while inspecting a rogue browser extension called SearchThisAll. This piece of software is endorsed as an easy-access tool for users' favorite social, online shopping, and entertainment websites. Instead, SearchThisAll opera
After inspecting this "Retik Finance Giveaway", we determined that it is fake. This scheme impersonates the Retik Finance platform (retik.com). When users attempt to claim digital assets from this fraudulent site, they expose their cryptowallets to a cryptocurrency drainer. It must be stressed th
MegaGuard is an adware-type browser extension that is endorsed as a security tool that prevents access to suspicious websites. Adware stands for advertising-supported software, its purpose is to generate revenue for its developers/publishers through advertising. Additionally, MegaGuard spies on us
After investigating this "Coinbase Crypto Giveaway" we determined that it is fake. This scam deceives users into transferring funds to scammer-owned wallets by promising a doubled return. It must be stressed that this giveaway is a hoax, and it is not associated with the real Coinbase platform or
Upon inspecting the site (navi-csgiveaways[.]com) claiming to host a giveaway, we found that it is a fraudulent web page designed to trick unsuspecting individuals into divulging personal information. It is crucial to exercise caution and avoid interacting with suspicious websites or offers to avo
After inspecting the "ACH Payment From Craftmaster Hardware" email, we determined that it is spam. The fake letter claims that the recipient will receive a payment of over 10k USD. Details of this transaction can be found in the attachment, which is a phishing file that targets recipients' email a