We have examined the website (claim-liquid.pages[.]dev) and found that it is designed to steal cryptocurrency from victims and promotes a fake airdrop (giveaway) as a lure. Moreover, the site mimics the original MemeLiquid site (memeliquid.io) to appear legitimate. Users should avoid the fake webs
While inspecting malware samples uploaded to VirusTotal, we discovered BuP1w, a ransomware that encrypts data and appends the ".BuP!w3" extension to files. For instance, it renames "1.jpg" to "1.jpg.BuP!w3", "2.png" to "2.png.BuP!w3", "3.exe" to "3.exe.BuP!w3", etc. This ransomware also changes th
During our investigation, we determined that stratochainedge[.]com is a deceptive webpage created to trick users into allowing notifications. Once permission is granted, the site floods the device with fake alerts and misleading messages that may redirect users to scams and other unreliable or pot
Our team has reviewed the message and concluded that it is written by scammers seeking to steal personal information. Such scams are classified as phishing attempts. Falling for them can result in account compromise and additional issues. Recipients should ignore this email to avoid the potential
0apt Locker is ransomware that prevents access to files by encrypting them. In addition to encrypting data, 0apt Locker appends the ".0apt" extension to files, changes the desktop wallpaper, and provides a ransom note ("README0apt.txt"). An example of how files are renamed: "1.jpg" is changed to "
Our analysis shows that this is a phishing email posing as a secure notification regarding a received document. Its purpose is to deceive recipients into opening the included website and sharing personal information. Falling for this scam can lead to account compromise and further negative outcome
We have inspected the message and determined that it is a phishing email masquerading as an urgent notification from the email service provider. It is designed to trick recipients into opening a fake login website and disclosing personal information. Victims of this scam may lose access to persona
We have examined the website (distribution-purpe[.]xyz) and concluded that it is a copy of the purpe.xyz and purplepepe.life pages. Fraudsters behind the fraudulent version aim to steal cryptocurrency from unsuspecting visitors. They promote a fake giveaway as a lure. Users should not trust distri
Our team has reviewed the message and concluded that it is a phishing attempt. The email is presented as an urgent notification from Santander Bank. It is created to trick recipients into believing that they can receive a large sum of money for cooperation. The goal is to steal money and (or) info
We have examined the malware and found it to be ransomware from the MedusaLocker family. Our discovery of Chip occurred during an analysis of samples submitted to VirusTotal. We determined that Chip encrypts files and appends the ".chip1" extension (the number may vary). It also generates the "Rec