Step-by-Step Malware Removal Instructions

Account Protection Email Scam
Phishing/Scam

After we inspected this "Account Protection" email, it became evident that it is spam. The purpose of this fake letter is to lure recipients into visiting a phishing website that targets email account log-in credentials. This fake notification requests an email confirmation for account pro

Quant (QNT) Airdrop Scam
Phishing/Scam

"Quant (QNT) Airdrop" is a scam that impersonates the Quant Network (quant.network). The fake webpage promotes an airdrop as a lure to get users to expose their cryptocurrency wallets to a crypto drainer. It must be emphasized that this scheme is not associated with the actual Quant network or any

ORD INSCRIPTION QUEST Scam
Phishing/Scam

While investigating suspicious social media posts, our research team discovered this "ORD INSCRIPTION QUEST" scam. Upon further inspection, we found this scheme promoted on three domains – distribution-ord[.]com, get-ord[.]com, and quests-ord[.]io (note that it could be hosted elsewhere). These fa

IMF Grant Program Email Scam
Phishing/Scam

We have scrutinized the email, and it became evident that it is a fraudulent scheme designed to deceive recipients into believing they have been awarded a substantial sum of money. These types of scams are commonly referred to as "lottery scams" or "advance fee scams". Recipients should not respon

BlackSkull Ransomware
Ransomware

Our research team discovered the BlackSkull ransomware while inspecting new submissions to the VirusTotal site. This malicious program encrypts data and demands payment for the decryption. After we launched a sample of BlackSkull on our testing system, it encrypted files and added a ".BlackSkull"

VacBan Stealer
Trojan

VacBan is a rebrand of the Creal stealer. This malware is written in Python. VacBan operates by extracting and exfiltrating sensitive information from infected devices. This stealer seeks log-in credentials, cryptocurrency wallets, and other vulnerable data. Following successful infiltrati

GuptiMiner Malware
Trojan

GuptiMiner poses a significant threat, deploying backdoors throughout large corporate networks. In addition to this, GuptiMiner is known for distributing XMRig across infected devices, amplifying its impact and potential for exploitation. Organizations and individuals must remain vigilant and empl

Boyu.com.tr Redirect
Browser Hijacker

During our examination of boyu.com.tr, we discovered its association with bogus search engines and browser hijackers. Generally (although exceptions exist), boyu.com.tr serves as a final destination in redirection sequences instigated by third-party extensions. Consequently, individuals experienci

GALA Scam
Phishing/Scam

While inspecting spam emails, we discovered one promoting a fake "GALA" website (aloor[.]net). This bogus site copies the real Gala Games blockchain gaming platform (gala.com). When users try to link their digital wallet to the scam website, it executes scripts to begin operating as a cryptocurren

Beast Ransomware
Ransomware

In our analysis of the malware dubbed Beast, we found that it functions as ransomware: upon infiltration, Beast encrypts files, presents a ransom note, and renames files. The discovery of Beast ransomware took place during our inspection of malware samples submitted to VirusTotal. Beast appends a