After reading the "New Investor" email, we determined that it is spam. This letter is presented as an investment and joint venture proposal. It must be stressed that all the information this email provides is false, and this mail is not associated with any real public figures or legitimate entiti
We have inspected yourgiardiablog[.]com and discovered that it is an unreliable web page that uses clickbait to achieve its purpose, which is to trick visitors into agreeing to receive notifications. There are numerous examples of sites similar to yourgiardiablog[.]com, and most of them show misle
After inspecting "Claim RWA", we determined that it is a scam. This scheme, as hosted on claimed-rugwa[.]com, supposedly allows users to obtain RWA cryptocurrency tokens. After users "connect" their wallets to this fake page, they are exposed to a crypto drainer designed to steal digital assets.
We have inspected the PepeFork ($PORK) Registration site (porkcoin[.]support) and found that it is a scam website mimicking the original pond0x[.]com and pondcoin[.]com websites. The fraudulent site is created by scammers with the intention of stealing cryptocurrency from unsuspecting individuals.
While inspecting new file submissions to the VirusTotal platform, our researchers discovered the Robaj ransomware. After this malware was executed on our testing system, it encrypted files and dropped a ransom note – "readme.txt" – demanding payment for the decryption. The locked files had their
Upon closer inspection of the site (mage-airdrop-merlinchain[.]com), we identified that it is a deceptive website promoting a fake cryptocurrency giveaway (airdrop). This scam page is presented as the number one decentralized exchange in the Bitcoin ecosystem. Scammers use this website to steal cr
After inspecting this "Blaster Token ($BLSTR) Early Access" airdrop, we determined that it is a scam. This scheme was hosted on added-ones[.]info, and it claims to be distributing Blaster tokens (BLSTR). It operates as a cryptocurrency drainer that steals funds from compromised digital wallets. I
In the process of reviewing the malware, it became apparent that Tuborg is ransomware (not associated with the Tuborg Brewery in any way) designed to encrypt files. We discovered Tuborg ransomware while examining malware samples submitted to VirusTotal. In addition to encrypting files, Tuborg chan
During an analysis of the site (airdrop-doggotothemoon[.]xyz), it has come to our attention that it is a scam website promoting a fake Dog RuneStone airdrop (a cryptocurrency giveaway). The scammers behind this page aim to trick potential participants into believing they can receive free cryptocur
Our researchers found the mydotheblog[.]com rogue page while investigating untrustworthy websites. After inspecting it, we determined that this webpage promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Users most commonly enter pages like mydotheblo