We have examined this email and determined that this a fraudulent letter crafted by scammers. The email is disguised as a notification regarding a payment. It claims that recipients are entitled to a large sum of money. The purpose of this scam is to extract money and (or) information from unsuspe
We have inspected the Satoshi VM Airdrop site (drop-satoshivm[.]app) and found it to be a scam website mimicking the real SatoshiVM web page (satoshivm[.]io). The fake site is designed to trick visitors into believing they can obtain free cryptocurrency. Scammers use this site to drain crypto wall
Upon analyzing the TaskIndexer app, we observed that it inundates users with intrusive advertisements. These ads can promote dubious and potentially harmful websites. Consequently, we categorized TaskIndexer as adware. It is typical for software of this nature to be disseminated through deceptiv
WebIndex is a rogue application discovered by our researchers during a routine inspection of new file submissions to the VirusTotal website. After examining this app, we determined that it is advertising-supported software (adware). WebIndex is part of the AdLoad malware family. The purp
While reviewing new file submissions to the VirusTotal platform, our research team discovered the Rincrypt 3.0 ransomware. This malware is designed to encrypt data and demand payment for its decryption. On our testing system, Rincrypt 3.0 encrypted files and appended their filenames with a ".rinc
Upon reading the "Invoice Request" email, we learned that it is spam. This letter supposedly includes a contract renewal document attached to it. The attachment imitates a PDF document, and it operates as a phishing file that targets log-in credentials. The spam email with the subject "Re:
After inspecting this "DYDX NFT Airdrop", we determined that it is fake. This scam impersonates the dYdX decentralized exchange (dydx.exchange). The scheme runs an airdrop, and when users attempt to participate – they expose their cryptocurrency wallets to a crypto drainer. IMPORTANT NOTE: W
During a routine investigation of new submissions to VirusTotal, our research team discovered the SHINRA malicious program. It is a variant of the Proton ransomware. SHINRA is designed to encrypt data and demand ransoms for its decryption. On our testing system, this ransomware encrypted files an
Upon examining the page, we found that it hosts a fake cryptocurrency giveaway. The scammers behind this bogus giveaway aim to trick unsuspecting individuals into believing that by participating, they can receive Bitcoin and Ethereum cryptocurrency. However, victims of such scams lose their crypto
Discovered by Yogesh Londhe, Ghostly is a piece of malicious software classified as a stealer. As the classification implies, this malware extracts and exfiltrates vulnerable information from infected machines. Targeted data and how it is abused depends on the stealer's design and the attackers' m