We have inspected the Lockdown malware and found that it operates as ransomware. We discovered this ransomware while examining malware samples on VirusTotal. Our analysis has shown that Lockdown encrypts files and appends the ".lockdown" extension to filenames. Also, it locks the screen and displa
Our researchers discovered the broidfit[.]com rogue page while browsing untrustworthy websites. Upon inspecting this webpage, we learned that it aims to trick users into consenting to its browser notification delivery. Additionally, the page can generate redirects to other (likely dubious/dangerou
After inspecting the "Join Injective Airdrop", we determined that it is fake. We found this scam endorsed on injective.claim-foundation[.]site, but it could be hosted on other domains. This webpage imitates the Injective platform (injective.com) and lures users with a promise of an INJ token airdr
Our researchers discovered checkouroffer[.]com while browsing suspicious websites. After examining this rogue page, we learned that it endorses browser notification spam and redirects users to different (likely untrustworthy and/or hazardous) sites. Checkouroffer[.]com and similar webpages are pr
Celebbuzzingfunny[.]top is the address of a rogue page that promotes browser notification spam and generates redirects to other (likely untrustworthy/hazardous) websites. Our research team discovered this webpage during a routine inspection of dubious sites. Most users access celebbuzzingfunny[.]
While investigating suspicious websites, our research team discovered this "Aave check eligibility" scam on app-aave[.]co (keep in mind it could be hosted elsewhere). Regardless of potential visual similarities, this deceptive page is not associated with any existing projects, platforms, or entiti
Niko is ransomware (belonging to the Makop family) that we discovered while examining malware samples uploaded to VirusTotal. Niko encrypts files and appends a string of random characters (likely the victim's ID), an email address, and the ".niko" extension to filenames. Also, it drops a ransom no
Discovered by S!Ri, Sauron is a ransomware-type program. Malicious software of this kind is designed to encrypt files and demand payment for the decryption. After we executed a sample of this ransomware on our test machine, it encrypted files and appended their names with a unique ID assigned to
Our examination of deszubaton[.]com revealed that it presents misleading content and requests permission to send notifications. Visiting the site and granting it permission to show notifications can put users at risk of various scams and threats. Therefore, it is strongly recommended not to trust
While inspecting untrustworthy websites, our researchers discovered this fake "$BabyElon Allocation". We found this scam on babyelon-claim[.]net, yet it could be hosted elsewhere. Although it claims to be distributing the BabyElon memecoin, this deceptive webpage acts as a crypto drainer. Victims