Our researchers discovered websafetyframework[.]com during a routine investigation. It is a rogue webpage designed to promote browser notification spam and redirect users to other (likely untrustworthy/harmful) sites. Most visitors to websafetyframework[.]com and similar pages access them through
Our researchers discovered this "Renew Your Antivirus" scam while investigating a website that uses rogue advertising networks. It claims that the user's antivirus may have expired on a specific date. Typically, the goal of such scams is to lure victims into downloading/installing, or purchasing s
While investigating untrustworthy websites, our research team discovered this fake "Nft Now ($NOW)" airdrop. This giveaway is not associated with the NFT Now platform. The purpose of this fraudulent page is to serve as a phishing scam targeting cryptocurrency wallet log-in credentials. IMPOR
While browsing new submissions to the VirusTotal website, our researchers discovered the Karma ransomware. It encrypts victims' files in order to demand payment for the decryption. This malicious program is part of the MedusaLocker ransomware family. After we executed a sample of Karma (MedusaLoc
Our review of titanchainedge[.]com reveals that it employs deceptive tactics to trick users into permitting it to send notifications. The site misuses this permission to send unwanted and intrusive content. Therefore, users should avoid allowing notifications from sites like titanchainedge[.]com.
Our team has examined the email and concluded that it is a phishing attempt. It is disguised as a notification from the email service provider and includes a deceptive link that is used to trick recipients into opening a fake login page. The goal is to steal personal information from unsuspecting
We have checked the website (register-chain[.]link) and found that it promotes a fraudulent airdrop (cryptocurrency giveaway). Also, it mimics the original Chainlink site (chain.link) to appear legitimate. The purpose of this page is to steal cryptocurrency. Thus, it should not be trusted. I
Our team has examined Backups and found that it is a variant of the Beast ransomware. Once executed on a system, it encrypts files and appends the victim's ID and the ".BACKUPS" extension to filenames. Also, the ransomware creates a ransom note ("README.TXT"). We have discovered it while inspectin
Our analysis of amencers.co[.]in reveals that it employs a misleading notification request designed to manipulate users into granting permission to deliver notifications. After approval, the site can exploit this feature to send spammy and deceptive notifications, so users should avoid visiting it
Homefindhub.com is the address of a fake search engine. This type of webpage cannot provide search results. These search engines are usually promoted (via redirects) by browser hijackers. In addition to the lack of functionality, illegitimate search engines usually collect information about their