$EBC is ransomware designed to prevent victims from accessing files. Upon infiltration, $EBC encrypts files, appends the ".$EBC" extension to filenames, and displays a full-screen ransom note. An example of how $EBC modifies filenames: it changes "1.jpg" to "1.jpg.$EBC", "2.png" to "2.png.$EBC", a
Our analysis uncovered evidence that the Creso Rewards site is operating as a fraudulent entity, presenting itself as an authentic platform (creso[.]io). This deceptive mimicry indicates that the scam is designed to exploit the credibility and reputation of the legitimate Creso platform to deceive
Upon our examination, we discovered that the SAGA airdrop (giveaway) is a scam. It is orchestrated by scammers who seek to deceive individuals into believing they can obtain free cryptocurrency. However, their true intention is to steal cryptocurrency from unsuspecting victims. Thus, this SAGA air
After analyzing cosmicnewspulse[.]com, we have concluded that it is an untrustworthy website employing clickbait tactics to coax visitors into enabling notifications. Additionally, we found that cosmicnewspulse[.]com has the potential to redirect users to other questionable websites. Therefore, it
While reviewing file submissions to the VirusTotal website, our research team discovered the AgentLocator application. Upon examination, we determined that it is adware. This app is part of the AdLoad malware family. Advertising-supported software generates revenue for its developers through ad
The "Solana Mobile" scam mimics the official Solana subsidiary's website of the same name. It lures users into exposing their cryptowallets to a drainer. These types of scams are intended to pilfer cryptocurrency from victims' wallets. This scheme imitates the legitimate website of Solana
"Claim $PRCL" refers to scam websites mimicking official Parcl-related platforms. These sites offer PRCL tokens in bogus airdrops, allocations, giveaways, or presale events. The scam aims to trick users into exposing their digital wallets to a cryptocurrency drainer designed to empty them of fund
XploitSPY is an Android-specific malware. This program is based on the L3MON RAT (Remote Access Trojan). XploitSPY has extensive data-stealing functionalities and has been observed infiltrating devices bundled with various legitimate-looking applications. This malware has been around since at lea
Qtr Search is a rogue extension classed as a browser hijacker. This piece of software hijacks browsers by making changes to their settings. The aim is to promote (through redirects) the qtrsearch.com fake search engine. Browser hijackers assign promoted sites as browsers' default search en
Through our analysis of moderton[.]com, we determined that it is an unreliable web page that uses a clickbait technique to trick visitors into permitting it to show notifications. We also discovered that moderton[.]com can redirect to other dubious websites. Thus, users should avoid visiting moder