Our research team discovered muheodeidsoan[.]info while investigating untrustworthy websites. Upon examination, we determined that this rogue webpage promotes dubious content and browser notification spam. It can also redirect users to different (likely unreliable/hazardous) sites. Muheodeidsoan[
Our research team found the monuadz[.]com rogue page while investigating suspect pages. This webpage aims to deceive users into permitting browser notification delivery. It can also redirect them to different (likely unreliable/harmful) sites. Monuadz[.]com and analogous pages are most commonly ac
While investigating untrustworthy sites, our research team found this fake "ETH Farming" webpage. It claims to allow users to "farm" Ethereum and USDC stablecoin cryptocurrencies. Instead, this page lures victims into exposing their digital wallets to a crypto drainer. IMPORTANT NOTE: We do
Our researchers discovered this fake "$COPE" airdrop while browsing suspicious websites. Upon further investigation, we learned that it operates as a cryptocurrency drainer. Essentially, by luring users with a promise of tokens, this scam tricks them into exposing their digital wallets to a crypto
Our research team found the monuadsinc[.]com rogue page while investigating untrustworthy sites. Upon examination, we learned that this webpage promotes browser notification spam and redirects users to other (likely suspicious/malicious) pages. Most visitors to monuadsinc[.]com and similar webpag
Our analysis shows that meethuhesurvey[.]top is an unreliable page that wants to show notifications. If allowed, it can deliver deceptive notifications designed to open other web pages of this kind. Thus, users should avoid visiting meethuhesurvey[.]top and never agree to get notifications from it
While investigating suspect websites, our research team discovered the monadvworld[.]com rogue page. The purpose of this webpage is to trick visitors into permitting browser notification delivery. It can also redirect them to other (likely unreliable/hazardous) sites. Most users access monadvworl
DarkNetRuss is ransomware (a variant of CyberVolk) designed to encrypt files. Additionally, it appends the ".DarkRuss_CyberVolk" extension to the encrypted files and provides a ransom note ("DECRYPT_INSTRUCTIONS.txt"). An example of how DarkNetRuss renames files: it changes "1.jpg" to "1.jpg.DarkR
Monadvstudio[.]com is a rogue webpage designed to promote browser notification spam and redirect users to different (likely unreliable/dangerous) sites. Most visitors to pages of this kind access them through redirects produced by websites employing rogue advertising networks. In fact, our researc
RedHook is a banking trojan that targets Android operating systems. This malicious program has been around since at least the autumn of 2024, and has multiple versions. There is some evidence suggesting that the threat actors behind this malware are Chinese speakers. As of the time of writing, it