Jett is ransomware our team discovered while inspecting malware samples submitted to VirusTotal. This ransomware encrypts files and appends the victim's ID, info@cloudminerapp.com email address, and ".jett" extension. It also creates two ransom notes: "info.hta" and "ReadMe.txt". An example of ho
News-vi2world[.]life is a rogue webpage found by our research team during a routine investigation of dubious sites. Upon examination, we learned that it endorses browser notification spam and redirects users to different (likely untrustworthy/harmful) websites. Most users access news-vi2world[.]l
Our researchers discovered the "Microsoft Account Locked" technical support scam during a routine investigation of suspicious websites. It is disguised as an alert from Microsoft warning the visitor that their phone was blocked due to suspected illegal activity. The scam urges the user to call the
Our team has analyzed yzup[.]xyz and determined that it is a fraudulent website. It displays misleading content to trick users into agreeing to receive its notifications. These notifications can contain fake virus warnings and similar messages to lure users into opening scam websites or other dubi
Our team has inspected bteuqh[.]click and concluded that it is a deceptive web page. Once visited, inspected bteuqh[.]click presents misleading content to lure visitors into accepting its notifications. If allowed, the page can send notifications promoting scams, unwanted apps, and more. B
Our research team discovered the hotbmayogu[.]today rogue page while investigating suspect sites. It operates by promoting browser notification spam and generating redirects to other (likely unreliable/hazardous) websites. Visitors to hotbmayogu[.]today and similar webpages access them mainly via
In our analysis of enhanceconnection.co[.]in, we discovered that this page uses deception (clickbait) to obtain permission to show notifications. Moreover, the site exploits this permission to display fake warnings and other misleading messages. Allowing enhanceconnection.co[.]in to send notificat
Our researchers discovered hotblolomi[.]cc while browsing dubious websites. This rogue page promotes browser notification spam and redirects users to other (likely untrustworthy/dangerous) sites. Hotblolomi[.]cc and webpages akin to it are primarily accessed via redirects generated by websites emp
After examining Caveqn App (CaveqnApp), we found that it serves no legitimate purpose and has been flagged as malicious by multiple security vendors. Additionally, its certain components distribute malware loader called Legion Loader. Therefore, if Caveqn App is installed, it should be uninstalled
Our research team found the mjieiq[.]click rogue webpage during a routine inspection of suspicious sites. After examining this page, we learned that it promotes browser notification spam and causes redirects to other (likely dubious/dangerous) websites. Most visitors enter mjieiq[.]click and anal