Our researchers found foritatoginia[.]com while browsing untrustworthy sites. After inspecting this rogue page, we determined that it endorses spam browser notifications and redirects visitors to different (likely suspicious/malicious) websites. Foritatoginia[.]com and webpages akin to it are most
"Succinct Rewards" is a scam that impersonates the official Succinct network website (succinct.xyz). The imitator page lures potential victims with a PROVE token airdrop. Users deceived into trusting the fake site expose their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We d
During our examination of the site (qubeticsairdrop[.]info), we found that it promotes a fake cryptocurrency airdrop. This scam page mimics the original Qubetics website (qubetics.com) to appear legitimate and trick visitors into interacting with it. The purpose of this scam is to steal cryptocurr
Our researchers discovered this fake "Cryptowallet Resolver" website during a routine investigation. Although this site promises to solve various cryptocurrency wallet issues, it operates as a cryptocurrency drainer – by siphoning digital assets. IMPORTANT NOTE: We do not review crypto proje
We have examined gfdkeo.co[.]in and concluded that it is an untrustworthy website that uses clickbait to trick visitors into allowing it to send notifications. If this permission is granted, gfdkeo.co[.]in can display fake alerts and other deceptive messages to promote other potentially malicious
Yolowen.co[.]in is the address of a rogue webpage intended to trick visitors into consenting to browser notification delivery. This page can also redirect users to other (likely dubious/hazardous) sites. Most visitors to yolowen.co[.]in and similar webpages access them via redirects caused by web
While investigating untrustworthy sites, our research team discovered the wns-protect[.]pro rogue webpage. After examining it, we determined that this page promotes browser notification spam and redirects users to other (likely unreliable/hazardous) sites. Redirects generated by websites utilizin
Our team found that efispentapped.co[.]in uses clickbait to obtain permission to show notifications. After permission is granted, the site can send misleading messages that might lead users to suspicious websites. It is best to avoid this site and close it if you come across it. When users
Our team discovered that bacysobste[.]com tries to trick visitors into agreeing to receive its notifications. Once permission is given, the site can deliver deceptive alerts that may direct users to shady websites. It is advisable to avoid this site and close it immediately if you encounter it.
Our discovery of KREMLIN occured during an inspection of samples uploaded to VirusTotal. Upon testing the malware, we found that it is ransomware. KREMLIN is designed to encrypt files and append the ".KREMLIN" extension to them. It also creates a text file ("README.txt") containing a ransom note.