Inasmedia[.]com is the address of a rogue webpage discovered by our researchers during a routine investigation of dubious sites. Our examination revealed that this page promotes browser notification spam and redirects users to other (likely unreliable/hazardous) websites. Most visitors access web
During our inspection, we found that goends[.]com uses a deceptive technique to receive permission from visitors to show them notifications. Such websites should be avoided, and their notification permissions revoked if already granted. Another detail about sites like goends[.]com is that users do
Upon examining goadsonline[.]com, we found it employs a clickbait tactic to obtain permission from visitors to send them notifications. It is strongly advisable not to permit pages like goadsonline[.]com to display notifications. It is also important to note users usually do not visit such sites i
Our researchers discovered guenagial[.]com while inspecting suspicious sites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to different (likely untrustworthy or dangerous) websites. Webpages like guenagial[.]com are primarily ac
L3MON is ransomware based on Chaos (another ransomware) that we discovered during inspection of malware samples submitted to VirusTotal. L3MON encrypts victim's files and renames them by appending its extension (four random characters). Also, L3MON creates a ransom note ("DecryptFiles.txt") and ch
Warmcookie is the name of a backdoor-type malware. Malicious programs within this classification are designed to open a "backdoor" to compromised systems; the goal is to cause further infection (i.e., download/install additional malware). Warmcookie has been around since at least the spring of 20
After reviewing dicanduchic[.]com, we have discovered that it employs a deceptive tactic to persuade visitors to grant notification permissions. Web pages like dicanduchic[.]com should not be allowed to display notifications. It is also worth mentioning that users typically do not visit such pages
We have examined cilishardrys[.]com and learned that this page uses a deceptive method to trick visitors into granting it permission to show notifications. Websites like cilishardrys[.]com should not be allowed to send notifications. It is worth noting that users do not visit such pages intentiona
El Dorado (Eldorado) is ransomware derived from another ransomware known as LostTrust. It encrypts files, appends the ".00000001" extension to filenames, and creates a ransom note ("HOW_RETURN_YOUR_DATA.TXT"). An example of how El Dorado changes filenames: it renames "1.jpg" to "1.jpg.00000001", "
After investigating the "Bank Account Details" email, we determined that it is spam. The letter in question claims that the recipient has recently changed their banking information and that they can review their payment receipt in the attached file. Instead, this attachment redirects to a phishing