Our team has inspected ShadowLock (which we found while inspecting samples on VirusTotal) and concluded that it is ransomware that blocks access to files by encrypting them. It also changes filenames (by appending the ".LOCKEDxX" extension) and provides a ransom note, which is a full-screen image.
Gocenumpy[.]com is a rogue page discovered by our researchers while browsing suspicious sites. Upon examination, we learned that it promotes browser notification spam and generates redirects to other (likely unreliable/harmful) websites. Most visitors access gocenumpy[.]com and analogous webpages
Upon inspecting news-huyago[.]com, we concluded that it is a deceptive page because it uses clickbait to obtain permission to show notifications. If visitors allow the site to do so, it can deliver unwanted notifications containing fake warnings, offers, or similar content. Users should not trust
We have discovered that sesifors[.]com relies on clickbait to trick visitors into allowing notifications. Once permitted, the site may send fake alerts, misleading offers, and other deceptive messages that direct users to potentially malicious websites. Overall, sesifors[.]com is not a trustworthy
We have inspected the website (usacoinsol[.]xyz) and concluded that it promotes a fake airdrop. These “airdrops” are typically used to deceive users into believing they will receive free cryptocurrency, while manipulating them into actions that benefit scammers. Falling for such scams can result i
While browsing suspicious websites, our researchers found this fake "Wojak" airdrop. Upon further inspection, we determined that this deceptive page operates as a cryptocurrency drainer. Essentially, this scam steals funds from compromised digital wallets. IMPORTANT NOTE: We do not review cr
Our researchers found the prochainedge[.]com rogue page while investigating suspicious websites. It operates by promoting browser notification spam and redirecting users to different (likely unreliable/harmful) sites. Most users access prochainedge[.]com and similar webpages via redirects caused b
While browsing suspicious websites, our researchers discovered this fake "OpenChat ($CHAT) Token" airdrop. The webpage impersonates OpenChat's official website (oc.app) and promotes an airdrop of the CHAT token. The purpose of this scam is to deceive visitors into exposing their digital wallets to
Our researchers discovered this fake "Xmas Cult (XMAS)" airdrop while investigating deceptive websites. Upon examination, we determined that this scam operates as a cryptocurrency drainer. It seeks to steal the digital assets stored in victims' cryptowallets. IMPORTANT NOTE: We do not review
After inspecting this "Security Alert: Unsuccessful Login On A New Device" email, we determined that it is fake. This message informs the recipient of an unsuccessful sign-in attempt to their email account. If they do not recognize this activity, they are urged to take immediate action. The goal i