The malicious domain restore-metamask.com was used to steal the existing crypto wallets of metamask.io users. It also allowed new wallets to be created and cryptocurrency to be deposited into them, but those funds would ultimately go to the attackers.
Utoxic is very likely xcazanova, or at minimum very close to him, based on the evidence I will show. A leopard doesn’t change its spots.
Should you trust the HTTP response code when analyzing access logs for suspicious traffic?
toolser.pw (recently had been using
A twist on the old ‘analytics code’ camouflage used by some skimmers to evade detection.