While investigating suspect sites, our research team discovered the dwhitdoedsrag[.]org rogue webpage. Upon examination, we determined that it promotes browser notification spam and redirects users elsewhere (likely dubious/malicious websites). Pages like dwhitdoedsrag[.]org are most commonly acc
Our researchers found the Xam ransomware during a routine inspection of new file submissions to the VirusTotal platform. Ransomware is a type of malware that encrypts files in order to demand payment for the decryption (data recovery). We obtained a sample of Xam and executed it on our testing sy
Upon examining the site (token-usdt[.]com), we discovered that it is a scan website copying tether[.]to. The purpose of the fake page is to trick visitors into believing that they can participate in an airdrop and receive cryptocurrency for free. The ultimate goal is to steal cryptocurrency assets
After inspecting the "Request To Cancel Your Services" email, we determined that it is spam. This mail falsely claims that the recipient's email account was blocked due to a cancellation request sent to the service provider. The purpose of this fake message is to deceive users into providing their
We have inspected the email and concluded that it is a scam offering recipients an investment opportunity. Typically, fraudsters behind such emails aim to extract money and (or) personal information from unsuspecting individuals. This and similar emails should be ignored. The sender claims
We have analyzed the vote.redstonecoin[.]network website and found that it hosts a crypto-related scam. The purpose of this deceptive page is to steal cryptocurrency assets from unsuspecting users. It is important to note that vote.redstonecoin[.]network is a copy of the real site, redstone[.]fina
While inspecting the application, we found that it is designed to bombard users with intrusive advertisements. Consequently, we have categorized IntegerDrivePrivacy as adware. Users tend to install apps like IntegerDrivePrivacy unwittingly, often unaware of their functionality. IntegerDr
While inspecting new submissions to the VirusTotal platform, our researchers discovered the DataUpdate app. After analyzing it, we determined that this application is adware (advertising-supported software). DataUpdate is part of the AdLoad malware family. Adware is designed to generate
We have inspected the 21-brett[.]com web page and found that it hosts a scam posing as a cryptocurrency airdrop held by the real Brett website (brett[.]fyi). Scammers behind the fake page aim to trick individuals into believing that they can participate in a cryptocurrency giveaway. However, victi
Cuckoo is a Mac-specific malware that operates as spyware and an information-stealer. It can record information and extract data from various browsers, cryptocurrency wallets, FTP clients, messengers, and other apps. The Cuckoo malicious program has been around since at least the spring of 2024