After reviewing the site promoting the "Riot Games & Twitch Giveaway", we concluded that it is a scam exploiting the names of legitimate companies (Riot Games and Twitch) as a lure to trick individuals into divulging personal information. Neither Riot Games nor Twitch has anything to do with t
During our analysis of Psoriasis, we learned that this app functions as adware. Upon installation, Psoriasis displays various advertisements. Moreover, it may collect data from devices. We also found that Psoriasis is part of the Pirrit family. Users should avoid installing apps like Psoriasis.
After reading the "Treasures For Safekeeping" email, we determined that it is spam. This fake letter is supposedly from a Ukrainian citizen forced to flee from their home due to the Russian invasion of Ukraine. The sender requests help dealing with their familial treasure, part of which the email
After examining the Bc20 application, we determined that it belongs to the Pirrit adware family. Upon installation, Bc20 delivers intrusive advertisements. Additionally, it may quietly collect various types of data. Thus, affected users should uninstall Bc20 from their computers and avoid instal
We have inspected the App_updater application and found that it is an advertising-supported program from the Pirrit family. Once installed, App_updater delivers annoying and often misleading advertisements to users. Also, it may silently gather various data. Affected users should uninstall App_u
Our analysis of the email revealed that it is a phishing email. Scammers behind this phishing campaign aim to deceive recipients into believing that they have received a notification from an email service provider. Their ultimate goal is to extract personal information from unsuspecting recipients
Qeza is a ransomware variant from the Djvu family that we discovered during an analysis of samples submitted to VirusTotal. Ransomware is a type of malware that encrypts files and demands payment for their decryption. In addition to encrypting files, Qeza appends its extension (".qeza") to filenam
During our examination of the claim-hyperliquid[.]xyz site, we found that this page promotes a cryptocurrency airdrop. However, further analysis revealed that claim-hyperliquid[.]xyz is a fake page masquerading as a legitimate cryptocurrency trading platform (hyperliquid[.]xyz). This deceptive sit
After examining a website offering gifts for the Valorant video game, we determined that it is fake. The scam states that users can claim one thousand Radianite points for free. This fake giveaway operates as a phishing scam and targets Valorant account log-in credentials. It must be stressed tha
After inspecting the "Klaytn ($KLAY) Airdrop", as promoted on klay-foundation[.]com, we determined that it is fake. The scheme imitates the Klaytn platform (klaytn.foundation). This fraudulent airdrop is used to lure users into exposing their digital wallets to a crypto drainer. Hence, victims of