DarkCloud is a malicious program classed as a stealer. Malware within this classification is designed to steal sensitive information from infected systems. DarkCloud stealer has been observed using sophisticated infiltration and anti-analysis/anti-detection techniques. DarkCloud has infilt
After inspecting this "Monthly e-Statement" email, we determined that it is spam. It is presented as a notification concerning a monthly statement that has been sent. Upon further investigation, we learned that with this lure – recipients are tricked into installing a malicious application called
While investigating dubious websites, our research team found this fake "PancakeSwap Voting" page. It lures users into exposing their digital wallets to a cryptocurrency drainer with a poll. It must be emphasized that this scam is not associated with the real PancakeSwap decentralized exchange.
While browsing untrustworthy sites, our research team discovered the lavaalchemist[.]top rogue webpage. It operates by promoting spam browser notifications and redirecting visitors to different (likely dubious/dangerous) websites. In most cases, users access pages like lavaalchemist[.]top via red
Lands[.]ninja is the address of a rogue webpage discovered by our research team during a routine inspection of suspicious sites. After examining this page, we learned that it endorses browser notification spam and generates redirects to other (likely unreliable/harmful) websites. The majority of
We have examined the page (aave-app[.]xyz) and discovered that it is fake. It poses as the original Aave platform (app.aave.com) to trick visitors into connecting their wallets. Falling for this scam can cause significant financial loss. Thus, this fraudulent website should be avoided and closed i
We have reviewed knuckledd[.]com and determined that it is designed to trick visitors into enabling browser notifications. Once allowed, the site can deliver intrusive and misleading warnings, offers, and other notifications. Interacting with these notifications may put users at risk of privacy br
We have inspected the email and found that it is a phishing email disguised as a delivery status notification from an email service provider. It includes a link to a phishing website designed to trick visitors into entering personal information. Emails of this type should be ignored to avoid accou
After reading this "Alert Regarding Your System Credentials" email, we determined that it is spam. This message claims that the recipient's password will expire within 24 hours. The recipient is urged to maintain uninterrupted service – thus, they are lured into revealing their email account log-i
After inspecting this "EFT Debit Release" email, we determined that it is spam. This message concerns an EFT (Electronic Funds Transfer) debit payment that will be released today. The goal of this campaign is to trick recipients into entering their account log-in credentials to a phishing file.