During our analysis of the website (curve.web3-claims[.]click), we learned that it is a fraudulent site promoting a $CRV token airdrop. Scammers behind this scam site aim to trick individuals into believing that they can receive tokens for free. However, falling for this scam can result in a perma
While investigating untrustworthy sites, our researchers discovered the elydes[.]com rogue page. Upon inspection, we learned that this webpage endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) websites. Elydes[.]com and similar pages are most commonl
Our researchers discovered Destroy ransomware while inspecting new file submissions to the VirusTotal platform. It belongs to the group of ransomware under the title "MedusaLocker". On our testing system, Destroy encrypted files and appended their filenames with a ".destry30" extension. Hence, a
DarkDev is a ransomware-type virus found by our researchers while inspecting new submissions to the VirusTotal website. Malware of this kind is designed to encrypt data and demand ransoms for the decryption. After we executed a sample of DarkDev on our test machine, it encrypted files and added a
Helldown is ransomware that we discovered during inspection of malware samples uploaded to the VirusTotal platform. Upon examining Helldown, we concluded that its functionality involves encrypting files, appending a random extension to filenames, and creating a ransom note ("Readme.[random_string]
While examining resertol.co[.]in, we discovered that it uses a deceptive method (clickbait) to lure visitors into agreeing to receive its notifications. Once allowed, resertol.co[.]in shows fake warnings and other misleading notifications. Therefore, users should never permit resertol.co[.]in (and
Our researchers found denalimount[.]top while inspecting dubious websites. This rogue page endorses browser notification spam and redirects users to other (likely untrustworthy/dangerous) sites. The majority of visitors enter webpages like denalimount[.]top via redirects generated by websites tha
We have analyzed datingkoe2[.]site and learned that it presents misleading content to trick visitors into allowing it to show notifications. Datingkoe2[.]site utilizes clickbait to receive this permission. Users should avoid visiting web pages that use such methods and never grant them any permiss
Elixirnexus[.]com is a rogue page discovered by our researchers during a routine investigation of suspicious websites. Our examination revealed that this webpage endorses browser notification spam and redirects users to other (likely unreliable/hazardous) sites. Most visitors access pages like el
Our team has analyzed the site (register-arciumhq[.]xyz) and discovered that it is a scam page posing as the Arcium website. The purpose of the fraudulent web page is to trick visitors into believing they are on the real page and performing actions that could lead to financial losses. Users should