While reviewing file submissions to the VirusTotal website, our research team discovered the AgentLocator application. Upon examination, we determined that it is adware. This app is part of the AdLoad malware family. Advertising-supported software generates revenue for its developers through ad
The "Solana Mobile" scam mimics the official Solana subsidiary's website of the same name. It lures users into exposing their cryptowallets to a drainer. These types of scams are intended to pilfer cryptocurrency from victims' wallets. This scheme imitates the legitimate website of Solana
"Claim $PRCL" refers to scam websites mimicking official Parcl-related platforms. These sites offer PRCL tokens in bogus airdrops, allocations, giveaways, or presale events. The scam aims to trick users into exposing their digital wallets to a cryptocurrency drainer designed to empty them of fund
XploitSPY is an Android-specific malware. This program is based on the L3MON RAT (Remote Access Trojan). XploitSPY has extensive data-stealing functionalities and has been observed infiltrating devices bundled with various legitimate-looking applications. This malware has been around since at lea
Qtr Search is a rogue extension classed as a browser hijacker. This piece of software hijacks browsers by making changes to their settings. The aim is to promote (through redirects) the qtrsearch.com fake search engine. Browser hijackers assign promoted sites as browsers' default search en
Through our analysis of moderton[.]com, we determined that it is an unreliable web page that uses a clickbait technique to trick visitors into permitting it to show notifications. We also discovered that moderton[.]com can redirect to other dubious websites. Thus, users should avoid visiting moder
After we inspected this "$BCKR PRE-SALE" event, it became evident that it is a crypto drainer scam. This scheme is presented as a presale event for a cryptocurrency. Yet, when users try to participate – they are deceived into exposing their digital wallets to a mechanism that drains them of funds.
After examining the site (dappradar-airdrops[.]io), we determined that it impersonates the legitimate DappRadar website (dappradar[.]com). Our assessment confirms that it is a scam website crafted to deceive visitors into participating in a fraudulent cryptocurrency giveaway. The primary objective
After examining "Restore Email DNS", we determined that it is spam. This letter informs that unusual errors have occurred on the recipient's email account, which have interrupted standard service. To fix these bogus issues, the recipient is led to a phishing site that targets email log-in credenti
In our analysis of the website presale.basingonbase[.]org, which promotes the presale of $BASING digital assets (cryptocurrency), we uncovered fraudulent activity. This scam operates by deceiving individuals into thinking they can acquire $BASING at a discounted rate, with the ultimate goal of cry