Our research team found jaadms[.]com while investigating dubious websites. After analyzing this rogue page, we learned that it promotes browser notification spam and redirects users to other (likely untrustworthy/dangerous) sites. Most visitors enter webpages like jaadms[.]com via redirects caused
"Fake Megaton Finance Website" refers to a site imitating the Megaton Finance DeFi platform (megaton.fi). We found the imitator scam on megaton[.]top, but it could be hosted on other domains. This scheme operates as a cryptocurrency drainer, i.e., it siphons digital assets from compromised crypto
Our researchers discovered the kelpboat[.]com rogue page while browsing suspicious websites. It is designed to endorse spam browser notifications and redirect visitors to other (likely unreliable/harmful) sites. Users primarily access kelpboat[.]com and similar websites through redirects generate
Inasmedia[.]com is the address of a rogue webpage discovered by our researchers during a routine investigation of dubious sites. Our examination revealed that this page promotes browser notification spam and redirects users to other (likely unreliable/hazardous) websites. Most visitors access web
During our inspection, we found that goends[.]com uses a deceptive technique to receive permission from visitors to show them notifications. Such websites should be avoided, and their notification permissions revoked if already granted. Another detail about sites like goends[.]com is that users do
Upon examining goadsonline[.]com, we found it employs a clickbait tactic to obtain permission from visitors to send them notifications. It is strongly advisable not to permit pages like goadsonline[.]com to display notifications. It is also important to note users usually do not visit such sites i
Our researchers discovered guenagial[.]com while inspecting suspicious sites. After examining this rogue page, we determined that it promotes browser notification spam and generates redirects to different (likely untrustworthy or dangerous) websites. Webpages like guenagial[.]com are primarily ac
L3MON is ransomware based on Chaos (another ransomware) that we discovered during inspection of malware samples submitted to VirusTotal. L3MON encrypts victim's files and renames them by appending its extension (four random characters). Also, L3MON creates a ransom note ("DecryptFiles.txt") and ch
Warmcookie is the name of a backdoor-type malware. Malicious programs within this classification are designed to open a "backdoor" to compromised systems; the goal is to cause further infection (i.e., download/install additional malware). Warmcookie has been around since at least the spring of 20
After reviewing dicanduchic[.]com, we have discovered that it employs a deceptive tactic to persuade visitors to grant notification permissions. Web pages like dicanduchic[.]com should not be allowed to display notifications. It is also worth mentioning that users typically do not visit such pages