While investigating untrustworthy sites, our research team found this fake "ETH Farming" webpage. It claims to allow users to "farm" Ethereum and USDC stablecoin cryptocurrencies. Instead, this page lures victims into exposing their digital wallets to a crypto drainer. IMPORTANT NOTE: We do
Our researchers discovered this fake "$COPE" airdrop while browsing suspicious websites. Upon further investigation, we learned that it operates as a cryptocurrency drainer. Essentially, by luring users with a promise of tokens, this scam tricks them into exposing their digital wallets to a crypto
Our research team found the monuadsinc[.]com rogue page while investigating untrustworthy sites. Upon examination, we learned that this webpage promotes browser notification spam and redirects users to other (likely suspicious/malicious) pages. Most visitors to monuadsinc[.]com and similar webpag
Our analysis shows that meethuhesurvey[.]top is an unreliable page that wants to show notifications. If allowed, it can deliver deceptive notifications designed to open other web pages of this kind. Thus, users should avoid visiting meethuhesurvey[.]top and never agree to get notifications from it
While investigating suspect websites, our research team discovered the monadvworld[.]com rogue page. The purpose of this webpage is to trick visitors into permitting browser notification delivery. It can also redirect them to other (likely unreliable/hazardous) sites. Most users access monadvworl
DarkNetRuss is ransomware (a variant of CyberVolk) designed to encrypt files. Additionally, it appends the ".DarkRuss_CyberVolk" extension to the encrypted files and provides a ransom note ("DECRYPT_INSTRUCTIONS.txt"). An example of how DarkNetRuss renames files: it changes "1.jpg" to "1.jpg.DarkR
Monadvstudio[.]com is a rogue webpage designed to promote browser notification spam and redirect users to different (likely unreliable/dangerous) sites. Most visitors to pages of this kind access them through redirects produced by websites employing rogue advertising networks. In fact, our researc
RedHook is a banking trojan that targets Android operating systems. This malicious program has been around since at least the autumn of 2024, and has multiple versions. There is some evidence suggesting that the threat actors behind this malware are Chinese speakers. As of the time of writing, it
After reviewing miredindeed[.]net, we found that it employs clickbait tactics to deceive visitors into allowing notifications. If permitted, the site can deliver intrusive notifications containing links to other untrustworthy websites. For these reasons, miredindeed[.]net should not be trusted.
We have inspected misridgefield[.]com and concluded that it uses clickbait to trick visitors into granting it permission to send notifications to their devices. If allowed, misridgefield[.]com can display annoying notifications with links to other untrustworthy websites. Misridgefield[.]co