We have analyzed Danger and found that it is ransomware belonging to the GlobeImposter family. Upon execution, Danger encrypts files and appends ".danger" to them. It also creates a file ("HOW_TO_BACK_FILES.html") containing a ransom note. Our discovery of Danger occurred during the inspection of
We have found that sweepoffer[.]info presents deceptive content. Its purpose is to receive permission to show notifications. As a rule, when such a site has permission to deliver notifications, it promotes other dubious web pages, scams, unwanted apps, etc. It is highly advisable not to agree to r
We have examined this scam and concluded that it is a technical support scam. Usually, these scams involve fake warnings or other "urgent" messages designed to deceive users into taking immediate action. Scammers use them to steal money and (or) personal information and sometimes to distribute m
During our examination of thenewsstream[.]site, we found that it uses a misleading method to trick visitors into granting it permission to show notifications. Once this permission is given, thenewsstream[.]site floods users with annoying and unwanted notifications designed to open other shady site
We have examined nocksolanvente[.]com and concluded that the purpose of this web page is to obtain permission to show notifications. It uses clickbait, a misleading technique, to trick users into accepting its notifications. Usually, notifications from pages like nocksolanvente[.]com are deceptive
Rapidreporters[.]site is a rogue page discovered by our researchers during a routine investigation of dubious websites. Upon inspection, we learned that rapidreporters[.]site endorses browser notification spam and generates redirects to different (likely unreliable/hazardous) sites. Most visitors
Our researchers discovered jpokl[.]click while browsing suspect websites. This rogue page endorses browser notification spam and generates redirects to different (likely unreliable/dangerous) websites. Most users access jpokl[.]click and analogous webpages via redirects caused by sites that utiliz
After examining this groomee[.]click rogue page, we determined that it endorses browser notification spam and generates redirects to different (likely untrustworthy/hazardous) websites. Most users enter webpages like groomee[.]click via redirects caused by sites utilizing rogue advertising networ
SpyLend is a malicious program targeting Android devices. It can be utilized in a variety of ways, yet its primary use is to function as "SpyLoan" malware. At the time of writing, this software operated as "SpyLoan" when installed on devices located in India. It offers Indian users predatory loan
Our analysis of safetoworkwith[.]com revealed that the site presents misleading messages and requests permission to show notifications. Notifications from safetoworkwith[.]com are also deceptive and can lead users to unreliable websites. Thus, it is highly advisable to avoid safetoworkwith[.]com.