Our researchers discovered the gougenoticei[.]com rogue page during a routine inspection of untrustworthy websites. Upon investigation, we learned that this webpage promotes browser notification spam and redirects visitors to different (likely dubious/dangerous) sites. Most users enter pages like
Goodssurveysuccess[.]top is a rogue page that promotes deceptive content and browser notification spam. It can also redirect users to other (likely unreliable/hazardous) sites. Most visitors to goodssurveysuccess[.]top and similar webpages access them via redirects produced by websites that utiliz
After reading this "Promotion Of Powerball Lottery Organization 2025" email, we determined that it is spam. The message claims that the recipient has won millions in a lottery. This phishing campaign targets recipients' personally identifiable details, and may even attempt to trick them into sendi
While browsing dubious websites, our researchers discovered this fake "Trezor Security Update" page. It impersonates the official website of the Trezor wallet (trezor.io) and claims that users must undertake a critical update. This is a phishing scam that targets cryptocurrency wallet log-in crede
This fake "Gasspas (GASS)" page (gasspas-vip.web[.]app; possibly other domains) is an almost perfect visual copy of the official Gasspas website (gasspas.vip). This imitator webpage promotes a cryptocurrency drainer, which is designed to siphon funds from exposed digital wallets. It must be stress
We have inspected the page (walletsuppport[.]com) and discovered that it is a fake crypto analytics platform. The scammers behind it offer crypto vouchers to lure users into connecting their wallets. Their goal is to steal cryptocurrency from unsuspecting individuals. Thus, this site should be avo
Our researchers found the 707 ransomware while investigating new submissions to the VirusTotal website. Malware of this kind encrypts data and demands payment for the decryption. On our test machine, 707 encrypted files and appended their names with a ".707" extension. For example, a file origina
We have inspected davixnaro.co[.]in and found it to be deceptive. It is designed to rick visitors into accepting push notifications. Once enabled, davixnaro.co[.]in can send fake alerts and similar messages to trick users into opening other (potentially malicious) websites. Thus, davixnaro.co[.]in
CyberHazard is ransomware from the MedusaLocker family. We discovered it while examining malware samples submitted to VirusTotal. Our analysis shows that CyberHazard encrypts files and appends the ".cyberhazard" extension to them. For example, it changes "1.jpg" to "1.jpg.cyberhazard" and "2.png"
We have reviewed the site (refundyoursol[.]io) and concluded that its purpose is to steal cryptocurrency. Like most similar scams, this page offers users the chance to receive free crypto. It is important to recognize such scams and never interact with them to avoid cryptocurrency theft. IMP