We have inspected the email and found that it is a fake email regarding pending emails and email account re-authentication. It is a phishing email designed to trick recipients into opening a deceptive web page and disclosing personal information. Emails of this type should be ignored to avoid data
After reviewing shafirewall[.]xyz, we found that it displays misleading content designed to trick visitors into allowing it to show notifications. The site can send fake warnings and other deceptive notifications if permission is granted. In general, it is an untrustworthy page that should be avoi
Boramae is a ransomware-type program. It is designed to encrypt data and demand ransoms for the decryption. Boramae appends filenames of encrypted files with a unique ID assigned to the victim and a ".boramae" extension, e.g., a file titled "1.jpg" becomes "1.jpg.{62C6A0A1-CB99-6138-914B-5F2CBAAA0
While investigating an installation setup promoted by a rogue webpage, we discovered the "Roxaq Apps" PUA (Potentially Unwanted Application). This program acts as a dropper for the Legion Loader malware. On our test machine, Roxaq Apps was installed together with the fake "Save to Google Drive" br
Feedshareeasyfile[.]com is the address of a rogue page that endorses unwanted software and browser notification spam. Additionally, it can redirect users to different (likely dubious/dangerous) sites. Most visitors to feedshareeasyfile[.]com and analogous webpages access them through redirects ca
As its name suggests, PrivacyShield is a web browser that focuses on protecting user privacy by offering features designed to block potential privacy invasions. However, it is possible that this browser is promoted using malicious installers. Thus, we classified PrivacyShield as an unwanted applic
Our researchers discovered the vfiqi[.]info rogue page while browsing suspect websites. Upon examination, we determined that this webpage promotes browser notifications spam with a video-themed lure (others are possible). Additionally, it can redirect users to other (likely unreliable/malicious) s
While browsing suspicious websites, our researchers discovered the domfirewall[.]xyz rogue page. It operates by endorsing browser notification spam and redirecting users to other (likely unreliable/dangerous) sites. Domfirewall[.]xyz and similar webpages are primarily accessed via redirects cause
We have reviewed volemist.co[.]in and found that it displays deceptive content to lure visitors into accepting its notifications. If granted permission, volemist.co[.]in can deliver fake warnings and other notifications. Overall, it is an unreliable web page that should be avoided and closed if ev
Spareforads[.]top is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. After examining it, we determine that this page promotes browser notifications spam and redirects users to different (likely dubious/malicious) websites. Most visitors to spareforad