While investigating an installation setup promoted by a rogue webpage, we discovered the "Roxaq Apps" PUA (Potentially Unwanted Application). This program acts as a dropper for the Legion Loader malware. On our test machine, Roxaq Apps was installed together with the fake "Save to Google Drive" br
Feedshareeasyfile[.]com is the address of a rogue page that endorses unwanted software and browser notification spam. Additionally, it can redirect users to different (likely dubious/dangerous) sites. Most visitors to feedshareeasyfile[.]com and analogous webpages access them through redirects ca
As its name suggests, PrivacyShield is a web browser that focuses on protecting user privacy by offering features designed to block potential privacy invasions. However, it is possible that this browser is promoted using malicious installers. Thus, we classified PrivacyShield as an unwanted applic
Our researchers discovered the vfiqi[.]info rogue page while browsing suspect websites. Upon examination, we determined that this webpage promotes browser notifications spam with a video-themed lure (others are possible). Additionally, it can redirect users to other (likely unreliable/malicious) s
While browsing suspicious websites, our researchers discovered the domfirewall[.]xyz rogue page. It operates by endorsing browser notification spam and redirecting users to other (likely unreliable/dangerous) sites. Domfirewall[.]xyz and similar webpages are primarily accessed via redirects cause
We have reviewed volemist.co[.]in and found that it displays deceptive content to lure visitors into accepting its notifications. If granted permission, volemist.co[.]in can deliver fake warnings and other notifications. Overall, it is an unreliable web page that should be avoided and closed if ev
Spareforads[.]top is a rogue webpage discovered by our researchers during a routine inspection of suspicious sites. After examining it, we determine that this page promotes browser notifications spam and redirects users to different (likely dubious/malicious) websites. Most visitors to spareforad
Our researchers discovered this application named "Cuiall Apps" while analyzing a rogue installation setup. Upon examination, we determined that this piece of software is a PUA (Potentially Unwanted Application). It is designed to infiltrate the Legion Loader malware into systems. Cuiall Apps was
Hotbmefene[.]today is a rogue webpage that promotes browser notification spam by using a fake CAPTCHA verification test (other lures are possible). Additionally, this page can redirect users elsewhere (likely unreliable/hazardous) websites. Most visitors to hotbmefene[.]today and similar webpages
Our analysis of hotbyikale[.]cc reveals that the site employs clickbait tactics to gain permission to deliver notifications. Websites that rely on deceptive strategies to obtain this permission are untrustworthy, as they misuse it to push scams and other dubious content. Thus, hotbyikale[.]cc and