HellCat is ransomware that encrypts victims' files and appends the ".HC" extension to them. Also, it changes the desktop wallpaper and drops a ransom note ("_README_HELLCAT_.txt"). An example of how HellCat renames files: it changes "1.jpg" to "1.jpg.HC", "2.png" to "2.png.HC", "3.exe" to "3.exe.H
Chydroogible[.]com is a rogue page discovered by our researchers during a routine inspection of untrustworthy websites. After examining this webpage, we learned that it promotes browser notification spam and produces redirects to other (likely unreliable/hazardous) sites. Most users access chydroo
Our inspection of lingfidancytows[.]com has revealed that the purpose of this page is to trick visitors into agreeing to receive its notifications. The site uses clickbait to get this permission. If allowed, lingfidancytows[.]com delivers notifications containing fake warnings and similar messages
We have examined dipplate[.]com and discovered that it uses clickbait to obtain permission to deliver notifications to devices. Typically, when a web page is designed to trick visitors into agreeing to receive notifications, it uses them to promote scams, shady apps, and other unreliable pages. Th
While browsing untrustworthy websites, our researchers discovered a fake "Solana L2 Presale". This is a phishing scam that lures users into disclosing their cryptocurrency wallet log-in credentials through a fraudulent presale event. It must be emphasized that this "Solana L2 Presale" is not assoc
After inspecting this "Your Cloud Storage Is Full" email, we determined that it is spam. This fake message claims that the recipient's cloud storage is full and multiple threats have been detected therein. The goal of this spam campaign is to redirect recipients to various (likely deceptive/malici
After investigating this "$TWOCS Token Presale", we determined that it is fake. The scam lures users with a token presale event and deceives them into disclosing their digital wallets to a cryptocurrency drainer. IMPORTANT NOTE: We do not review crypto projects, please do your own research w
Sarcoma Group ransomware is malware that encrypts files and appends its extension to files (e.g., it renames "1.jpg" to "1.jpg.xp9Mq1ZD05", "2.png" to "2.png.xp9Mq1ZD05", etc). The appended extension may differ depending on the specific ransomware sample. In addition to encrypting and renaming fil
Our team reviewed the page (sol-shadow[.]com) and determined that it is a fake website created to lure unsuspecting users with a deceptive cryptocurrency presale offer. Its main goal is to trick visitors into actions that could lead to financial loss. This website should be ignored and closed if e
Our research team found the venesemise[.]com rogue page while investigating suspect websites. It operates by promoting browser notification spam and redirecting users to other (likely deceptive/malicious) sites. Most visitors access venesemise[.]com and similar webpages through redirects caused by