During a routine inspection of suspicious sites, our researchers discovered this fake "$TOSHI" airdrop. This scam page impersonates the official Toshi website (toshithecat.com). Victims are lured into exposing their digital wallets to a cryptocurrency drainer by a bogus TOSHI airdrop. IMPORT
Sakura is a RAT (Remote Access Trojan). It is a versatile tool capable of allowing attackers to control infected machines remotely. Sakura RAT has been distributed under various disguises by being embedded into GitHub repositories. These campaigns were undertaken by a financially-motivated threat
Sorillus is a multifunctional remote administration trojan (RAT) based on Java that is offered as malware-as-a-service. The attackers behind Sorillus RAT use fake invoice-themed emails as their main method of delivering the malware. The developers offer the RAT for sale at €59.99 for lifetime acce
While investigating untrustworthy websites, our research team discovered the SafeWatch PUA (Potentially Unwanted Application). In most cases, software within this classification has harmful capabilities. Hence, the presence of unwanted programs on a device poses a risk to device integrity and user
We have examined the page (token-echoprotocol[.]xyz) and discovered that it is a fraudulent copy of the original Echo Protocol site (echo-protocol.xyz). The fake site is designed to trick visitors into believing that they can claim tokens. However, the real goal is to steal cryptocurrency from vic
Our analysis of the site (gift-2x[.]com) shows that it is designed to steal cryptocurrency. The page offers an "exclusive token reward" as a lure. Falling for this scam can result in financial losses. Thus, users should be careful when encountering such pages and verify their legitimacy before tak
Our researchers reviewed the "Aetna Sent You A Secure Message" email and determined that it is fake. It informs the recipient of a secure message sent by the Aetna healthcare company. The goal of this spam campaign is to deceive recipients into disclosing their email account log-in credentials to
Our analysis of neprierenistro.co[.]in shows that its purpose is to display unwanted notifications. It cannot push these notifications without the user's permission, which the site tries to obtain using a deceptive method. It is highly advisable to avoid visiting neprierenistro.co[.]in and never p
Our analysis has shown that this email is a phishing scam disguised as an account cancellation notice. It is designed to deceive recipients into visiting a fake website and providing sensitive information. Messages like this should be identified as scams and deleted without clicking links or reply
After reviewing the email, it is clear that it is a phishing scam disguised as a notification about pending messages. The scammers aim to deceive recipients into visiting a fake website and disclosing personal information. Emails like this should be identified as fraudulent and deleted without int