This "Jupiter Airdrop" that we investigated is a scam. This airdrop claims to distribute the Jupiter (JUP) cryptocurrency. However, after a victim connects their digital wallet to this platform, it begins working as a crypto drainer and empties the funds. This scheme supposedly distributes
EuphractusSexcinctus is the name of a malicious browser extension. Our researchers discovered this piece of software during a routine investigation of untrustworthy websites. After analyzing the extension, we determined that it is capable of modifying browsers and collecting sensitive user informa
After reviewing the "SharePoint Settlement Agreement" email, we determined that it is spam. The letter is presented as a notification regarding settlement agreement documents sent via SharePoint. It must be stressed that all the information provided by this email is false, and this mail is not as
This "SatoshiVM Token Airdrop" is fake. The airdrop claims to distribute Satoshi (SATS) – the smallest unit of Bitcoin (BTC) cryptocurrency. The user has to connect their cryptowallet to the giveaway to check its eligibility. However, after a wallet is linked – the scam starts operating as a crypt
Our analysis has determined that this is a fraudulent scheme posing as a platform for obtaining reimbursement for transaction fees. Scammers exploit the reputation of a reputable service like Coinbase to deceive individuals into taking actions that could compromise their cryptocurrency wallets.
Silver is a Remote Access Trojan (RAT) written in the C# programming language. This malware enables remote access and control over infected machines. It was first noted in the wild in the autumn of 2023. The trojan is quite sophisticated and versatile. Silver has a wide variety of functionalities
BaN is ransomware belonging to the Xorist family. This variant has been identified during the examination of samples uploaded to VirusTotal. BaN is created to encrypt files. Additionally, BaN appends the ".BaN" extension to filenames, displays, and creates a ransom note (an error message and the "
Upon examining the SusScrofa browser extension, we found that it is an untrustworthy program disseminated through a malicious installer. Its capabilities include activating the "Managed by your organization" feature (in Chrome and Edge), reading and changing data on visited pages, and managing the
SparkRAT, coded in the Go programming language, is a cross-platform Remote Administration Trojan (RAT) allowing its operators to manage infected devices through a web browser. This RAT encompasses an array of features, such as a process manager, file explorer, desktop monitor, file editor, and oth
ToolFrequency has been identified as an ad-supported application. The application bombards users with irritating advertisements, and interacting with these ads might lead users to untrustworthy pages. Moreover, ToolFrequency may possess the ability to gather diverse information. ToolFreq