Our researchers discovered this fake "Yala" airdrop during a routine investigation. This webpage is supposedly associated with Yala; in fact, this page is in no way connected to the real protocol of this name (yala.org). The purpose of this scam site is to deceive users into exposing their digital
Our researchers discovered navronexo.co[.]in while browsing dubious websites. After examining this rogue page, we determined that it endorses browser notification spam and produces redirects to other (likely unreliable/harmful) websites. Navronexo.co[.]in and analogous webpages are mainly entered
Clotomonia.co[.]in is a rogue webpage discovered by our researchers while investigating dubious sites. Its goal is to promote browser notification spam and redirect users to other (likely unreliable/dangerous) websites. The majority of visitors to clotomonia.co[.]in and similar pages access them t
While investigating dubious websites, our researchers discovered this fake "Web3 Crypto Exchange Platform" (syncnoderesolver[.]com; possibly other domains). Instead of providing the promised services, this webpage tricks users into exposing their cryptowallets to a cryptocurrency drainer. IM
Trueadsfeed[.]top is a rogue webpage that our researchers discovered while browsing suspect sites. The purpose of this page is to trick visitors into consenting to its browser notification delivery. This webpage can also redirect users elsewhere (likely dubious/malicious websites). Pages like true
Our team has inspected WannaChaos666 and found that it is ransomware based on Chaos. Once activated (executed on a device), WannaChaos666 encrypts files and appends its extension (".666") to them. It also changes the desktop wallpaper and drops a ransom note, "read_me_f*cking_b*tch!". An example
Our researchers discovered aromboples[.]com during a routine inspection of untrustworthy websites. After examining this page, we determined that it promotes browser notification spam and redirects users to different (likely unreliable/hazardous sites). The majority of visitors to aromboples[.]com
SHUYAL is an information-stealing malware that targets web browsers and other applications. It uses advanced evasion techniques, including self-deletion and automatic disabling of Task Manager, to avoid detection. If detected on a device, it should be removed immediately. Once executed, th
Fravixnula[.]com is a rogue website discovered by our researchers during a routine inspection of questionable sites. Upon examination, we learned that this page endorses spam browser notifications and generates redirects to other (likely unreliable/dangerous) websites. Most visitors to fravixnula
Our research team found Cowa ransomware during a routine inspection of new file submissions to the VirusTotal site. This malicious program belongs to the Makop ransomware family. Malware of this kind encrypts data and demands a ransom for the decryption. On our testing system, Cowa encrypted file