Physical Address
Lesya Kurbasa 7B
03194 Kyiv, Kyivska obl, Ukraine
The 8484.site is a deceptive phishing website masquerading as an official “Roblox Administrator R$ Group” that falsely promises to distribute free Robux (Roblox’s virtual currency) to users. Classified as a high-risk phishing site by GridinSoft’s Website Reputation Checker with a…
The “Binance – Urgent Security Alert” email is a sophisticated phishing scam targeting cryptocurrency users by falsely alerting them about suspicious sign-in attempts to their Binance accounts. Masquerading as official security notifications from Binance Holdings Ltd., these deceptive messages contain…
The 1vbx.us website is a deceptive phishing scam targeting Fortnite players with false promises of free V-Bucks. Classified as a high-risk phishing site by GridinSoft’s Website Reputation Checker with a reputation score of just 1/100, this platform employs social engineering…
PayForRepair (also known as .P4R) is a dangerous file-encrypting ransomware belonging to the Dharma ransomware family. This malware targets Windows systems, encrypting user files with strong cryptography and appending the .P4R extension to them. After encryption, it demands payment in Bitcoin…
The Fn25.vip website is a phishing scam targeting Fortnite players with false promises of free V-Bucks and exclusive skins. Classified as a high-risk phishing site by GridinSoft’s Website Reputation Checker with a reputation score of just 1/100, this platform employs…
Forgive ransomware represents a significant cybersecurity threat that encrypts victim files and appends them with the “.forgive” extension. First identified through submissions to VirusTotal, this crypto-malware targets Windows systems, locking personal files and demanding a $500 ransom in Ethereum cryptocurrency.…
Hero ransomware (also known as Hero virus) is a file-encrypting malware from the Proton ransomware family that targets Windows computers. This malicious program encrypts victims’ files, appends them with the attackers’ email address and a “.hero77” extension, and demands payment…
Beraborrow.claims is a sophisticated cryptocurrency drainer scam that impersonates the legitimate Beraborrow platform (beraborrow.com). The fraudulent site presents itself as offering a “$BERA Rewards” proposal where users can supposedly vote and earn cryptocurrency rewards. However, the actual purpose is to…
Legion Loader is a sophisticated malware dropper first discovered in 2025 that serves as a delivery mechanism for multiple secondary payloads including trojans, ransomware, information stealers, and malicious browser extensions. Distributed primarily through fake CAPTCHA interfaces, deceptive websites, and bundled…
Temeliq Ultra Touch is a potentially unwanted application (PUA) that acts as a dropper for the dangerous Legion Loader malware. First identified in April 2025, this deceptive software is typically distributed through misleading websites like appsuccess[.]monster and bundled software installers.…
Neptune RAT is a Remote Access Trojan targeting Windows systems with an extensive array of dangerous capabilities. Written in Visual Basic .NET and heavily obfuscated, this malware can exfiltrate credentials from over 270 applications, deploy ransomware functionality, monitor desktops in…
The iToken presale scam is a sophisticated cryptocurrency-related phishing operation that targets potential crypto investors by impersonating a legitimate digital token offering associated with well-known companies. First identified in April 2025 on domains like ipresales[.]top, this fraudulent scheme displays logos…
DarkMystic is a newly discovered variant of the BlackBit ransomware family that encrypts files, appends them with a “.darkmystic” extension, and demands Bitcoin payment for decryption. First identified on April 14, 2025, this ransomware prepends encrypted filenames with the attackers’…
Rbx2.net is a fraudulent website impersonating legitimate Roblox services to steal user credentials, personal information, and financial data. With a security reputation score of 1/100 (verified by Website Reputation Checker), it targets primarily children and young adults through false promises…
The “We Hacked Your System” email is a sophisticated sextortion scam that attempts to extort money from victims through psychological manipulation and false claims about compromised systems. This scam falsely claims to have video recordings of victims visiting adult websites,…
Slopsquatting is an emerging type of software supply chain attack that leverages AI hallucinations to compromise development environments. This attack vector exploits the tendency of large language models (LLMs) to recommend non-existent package names, which attackers then register and weaponize.…
TROX Stealer is a sophisticated information-stealing malware first identified in December 2024, distributed as a Malware-as-a-Service (MaaS) offering. This multi-stage threat employs complex evasion techniques, including WebAssembly (Wasm) and multiple programming languages, to steal sensitive data ranging from browser credentials…
LegionLocker is a dual-purpose ransomware and screen locker that deploys multiple persistence mechanisms while encrypting files and locking access to the system. This malware communicates through Telegram, requiring victims to contact the operators via the @xexeza handle to negotiate ransom…
NBA Ransomware employs double extortion tactics by encrypting files with the .NBA extension and exfiltrating sensitive data. This malware establishes communication through qTox, requiring victims to install the secure messaging application to negotiate ransom payments. First detected in early 2025,…
Solara Ransomware is a threat that combines encryption capabilities with social engineering tactics targeting gaming communities, particularly ROBLOX users. This malware variant, associated with the Chaos ransomware family, disguises itself as a gaming utility while deploying file encryption functionality. First…
Krypt Ransomware employs double extortion tactics by both encrypting files and claiming to steal sensitive data. This malware establishes communication through multiple channels including a TOR-based chat interface, email, and Telegram. First observed in early 2025, Krypt targets organizations and…
Maximsru Ransomware represents a significant threat that encrypts victim files and appends a random five-character extension to filenames. This malicious program establishes persistence through desktop wallpaper modification and creates a distinctive ransom note titled “MAXIMSRU.txt”. First identified through submissions to…
Jeffery Ransomware represents a dangerous threat that emerged in early 2020, exploiting COVID-19 pandemic fears to distribute malware that encrypts victims’ files with the distinctive .Jeffery extension. This ransomware combines opportunistic social engineering with effective encryption techniques, establishing persistence through…
VerdaCrypt represents a PowerShell-based ransomware that combines advanced encryption techniques with psychological manipulation to extort victims. Employing a modular architecture with anti-analysis capabilities, this ransomware targets critical data across multiple file types with AES-256 encryption. The threat actor behind VerdaCrypt,…
Sauron Ransomware represents a sophisticated cyberthreat that combines file encryption, data theft, and psychological manipulation to extort victims. Named after the dark lord from J.R.R. Tolkien’s works, this ransomware employs a triple-extortion strategy demanding payment through Telegram. With unique characteristics…
Advanced threat actor Paper Werewolf (also known as GOFFEE) has been conducting sophisticated cyberattacks against Russian entities using a new PowerShell-based implant called PowerModul. The campaign targeted organizations in mass media, telecommunications, construction, government entities, and energy sectors between July…
Oxleak.com is a fraudulent website that claims to offer free OnlyFans content downloads, posing significant security and privacy risks. With a security reputation score of 1/100 (verified by GridinSoft Website Reputation Checker), it demonstrates classic phishing patterns designed to steal…
Playzop.org is a suspicious website that claims to offer money-making opportunities through tasks or games. With a security reputation score of 15/100 (verified by GridinSoft Website Reputation Checker), it demonstrates numerous red flags, particularly regarding promised payouts that users report…
8585.bio is a fraudulent website impersonating legitimate Roblox services to steal user credentials, personal information, and financial data. With a security reputation score of 1/100 (verified by GridinSoft Website Reputation Checker), it targets primarily children and young adults through false…
RB5.lol is a fraudulent website impersonating legitimate Roblox services to steal user credentials, personal information, and financial data. With a security reputation score of 1/100 (verified by GridinSoft Website Reputation Checker), it targets primarily children and young adults through false…