We have examined the page and discovered that it runs a technical support scam. The site displays fake warnings to trick visitors into following the provided instructions. Falling for such scams can lead to various problems, including account hijacking, computer infections, and monetary loss. This
Our team has analysed the malware and determined that it is ransomware. We discovered Immigration ransomware while inspecting malware samples uploaded to VirusTotal. After execution, it encrypts files, creates the "WHATS_HAPPEND.txt" file (a ransom note), and appends the ".eimmigration" extension
Massiv is a banking Trojan aimed at Android devices. It allows threat actors to take control of infected phones and carry out fraudulent transactions from the victim's bank accounts. Cybercriminals disguise Massiv as IPTV apps to trick users searching for online TV services. If detected on a devic
We analyzed cynovira[.]com and found that it uses clickbait to lure visitors into enabling notifications. These notifications may show misleading content and direct users to untrustworthy websites. Users should be cautious with sites like cynovira[.]com and avoid following the instructions they pr
PromptSpy is an Android malware that uses generative AI for persistence. It uses Google Gemini to analyze what appears on the infected device's screen and determine how to remain active in the recent apps list. This helps the malware keep running in the background. Its main goal is to install a VN
BoryptGrab is malware that steals information from infected devices in various ways. It spreads through fake GitHub pages offering free software. It is important to note that during the attack chain involving BoryptGrab, another malware, a backdoor known as TunnesshClient can be injected. If detec
VKontakte (VK)-themed account hijackers are malicious extensions that masquerade as VKontakte customization tools but actually take over VK accounts. There are at least five fake extensions (mentioned in our article below) that contain malware and are designed to perform specific tasks. If any of
The Trojanized version of the RedAlert app looks like the real app, but it secretly injects spyware on the device. It is distributed via SMS phishing (smishing) messages instructing recipients to download an urgent update. The purpose of the malicious application version is to collect sensitive pe
Our team has inspected the email and found that it is a phishing attempt. The scammers designed it to look like an important notification from the email service provider to trick recipients into opening a fraudulent website. Their goal is to steal personal information that can be used to hijack ac
Our analysis shows that iscans[.]pro is a fraudulent website created to steal cryptocurrency. The site pretends to provide a cryptocurrency tracking tool to attract potential victims. People who fall for these scams typically lose their funds permanently. For this reason, iscans[.]pro should not b