While investigating suspect sites, our researchers discovered the "Hyperliquid ($HYPE) Vote Rewards" scam. This page impersonates the official Hyper Foundation website (hyperfoundation.org) and promises rewards to early voters. The goal is to deceive users into exposing their digital wallets to a
This "ChainOpera AI ($COAI)" airdrop is fake. Our researchers discovered this scam during a routine inspection of suspicious websites. It is presented as the official website of ChainOpera AI (chainopera.ai) and lures users into exposing their cryptowallets to a cryptocurrency drainer. It must be
Our examination of the page (event-onyxs[.]org) has revealed that it is a fake site posing as the original Onyx website (onyx.org). The scammers behind the fraudulent page aim to trick visitors into believing that they can claim rewards, and their intention is to steal cryptocurrency. IMPORT
We have inspected the website (jayacitakreasindo[.]com) and concluded that it is a scam. It mimics the original DappRadar page (dappradar.com) to appear trustworthy. The purpose of this site is to trick visitors into connecting their wallets, which allows scammers to steal cryptocurrency. IM
Our analysis shows that FIND is ransomware from the Dharma family. We discovered it while inspecting samples submitted to VirusTotal. Once executed, FIND encrypts files and provides two ransom notes (it displays a pop-up window and creates a file named "info.txt"). Also, the ransomware renames fil
We have inspected the site (app-rocksolid[.]live) and concluded that it is a scam. It mimics the original RockSolid site (app.rocksolid.network) to lure visitors into using it and taking a specific step. The goal of this fake website is to drain cryptocurrency wallets. It should be avoided and exi
While investigating dubious sites, our research team found the pyroscouriell.co[.]in rogue webpage. After inspecting it, we learned that this page promotes browser notification spam and redirects visitors to different (likely suspicious/harmful) websites. Pyroscouriell.co[.]in and similar webpage
Our researchers discovered this fake "Keeta ($KTA) Vote Rewards" page during a routine inspection of suspect websites. It impersonates the Keeta network (keeta.com) and claims that holders of the native token (KTA) can claim a reward if they vote in a poll within the first 24 hours. With this lure
During a routine investigation, our researchers discovered this fake "Fleek" webpage (register-fleek[.]com; other domains are possible). It impersonates Fleek's official website to deceive users into exposing their cryptowallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not review c
While investigating dubious websites, our researchers discovered this fake "Dione Protocol ($DIONE) Vote Rewards" page. Our examination of this scam revealed that it operates as a cryptocurrency drainer. It must be emphasized that this fraudulent webpage is not associated with the actual Dione Pro