In our analysis of enhanceconnection.co[.]in, we discovered that this page uses deception (clickbait) to obtain permission to show notifications. Moreover, the site exploits this permission to display fake warnings and other misleading messages. Allowing enhanceconnection.co[.]in to send notificat
Our researchers discovered hotblolomi[.]cc while browsing dubious websites. This rogue page promotes browser notification spam and redirects users to other (likely untrustworthy/dangerous) sites. Hotblolomi[.]cc and webpages akin to it are primarily accessed via redirects generated by websites emp
After examining Caveqn App (CaveqnApp), we found that it serves no legitimate purpose and has been flagged as malicious by multiple security vendors. Additionally, its certain components distribute malware loader called Legion Loader. Therefore, if Caveqn App is installed, it should be uninstalled
Our research team found the mjieiq[.]click rogue webpage during a routine inspection of suspicious sites. After examining this page, we learned that it promotes browser notification spam and causes redirects to other (likely dubious/dangerous) websites. Most visitors enter mjieiq[.]click and anal
Adsdoleads[.]top is a rogue page discovered by our researchers during a routine investigation of untrustworthy websites. Upon inspection, we determined that this webpage endorses browser notification spam and produces redirects to different (likely dubious/harmful) sites. The majority of visitors
NetGuard is promoted as a website reputation checker that allows users to check the safety of web pages and detect potentially malicious ones. However, NetGuard may be distributed through unreliable installers, so we have classified it as a potentially unwanted application. The risks relat
We have inspected the email and found that it is a fake email regarding pending emails and email account re-authentication. It is a phishing email designed to trick recipients into opening a deceptive web page and disclosing personal information. Emails of this type should be ignored to avoid data
After reviewing shafirewall[.]xyz, we found that it displays misleading content designed to trick visitors into allowing it to show notifications. The site can send fake warnings and other deceptive notifications if permission is granted. In general, it is an untrustworthy page that should be avoi
Boramae is a ransomware-type program. It is designed to encrypt data and demand ransoms for the decryption. Boramae appends filenames of encrypted files with a unique ID assigned to the victim and a ".boramae" extension, e.g., a file titled "1.jpg" becomes "1.jpg.{62C6A0A1-CB99-6138-914B-5F2CBAAA0
While investigating an installation setup promoted by a rogue webpage, we discovered the "Roxaq Apps" PUA (Potentially Unwanted Application). This program acts as a dropper for the Legion Loader malware. On our test machine, Roxaq Apps was installed together with the fake "Save to Google Drive" br