Ermac 3.0 is Android malware targeting over 700 financial, shopping, and cryptocurrency applications. It is distributed using a Malware-as-a-Service model. It can cause issues like identity theft and financial loss. If the malware is detected on a device, it should be eliminated immediately.
While investigating suspicious sites, our research team found this fake "Littleguy" airdrop. Instead of distributing this coin, the scam aims to trick users into exposing their digital wallets to a cryptocurrency drainer. It must be emphasized that this fraudulent airdrop is not associated with an
Our inspection of this "Expiration Notification" email revealed that it is spam. This message claims that the recipient's email account password will expire in 24 hours. The risk of failing to update the log-in credentials is the permanent deactivation of the account. The goal of this phishing mai
"E-mail Administrator" is a spam email that, upon inspection, we determined to be a phishing scam. This message informs the recipient about undelivered emails and urges them to resolve the issue. The spam campaign aims to obtain email account log-in credentials (passwords). The spam email
PS1Bot is the name of a malicious software that is essentially a multi-stage malware framework. It is a modular malware that utilizes various modules to perform malicious activities on infected devices. PS1Bot has been used to ensure persistence on systems, gather sensitive data, and carry out ot
Our team has examined the page (memesprotocol[.]net) and found that it runs a crypto scam. It imitates the original Memes Protocol platform (memesprotocol.xyz) to deceive visitors into taking actions that allow scammers to steal their cryptocurrency. This deceptive site should not be trusted.
We analyzed the email and determined it is a fake message pretending to be from DHL. Its goal is to trick recipients into clicking the link and providing personal information. This type of scam is called phishing, and recognizing (and ignoring) such emails prevents potential risks. The sca
While browsing suspicious sites, our research team found the inigrattic[.]com rogue webpage. It operates by promoting browser notifications spam and redirecting visitors to other (likely dubious/dangerous) sites. Inigrattic[.]com and pages akin to it are primarily accessed via redirects generated
GodRAT is a remote access Trojan (RAT) built on the Gh0st RAT source code. It shares similarities with AwesomePuppet, another RAT. GodRAT can be expanded with extra plugins that give attackers more capabilities. Cybercriminals use it to steal information and deploy additional payloads. God
Our analysis of inroadslab[.]com shows that the site is crafted to convince visitors to enable its notifications. Once allowed, it can send deceptive alerts that direct users to other unreliable websites. Users should avoid visiting inroadslab[.]com and close the page if they ever visit it.