While inspecting soguy[.]top, we found that it presents a misleading message to lure visitors into accepting its notifications. Usually, notifications from pages like soguy[.]top are unreliable and can lead to other shady sites. Thus, users should not permit soguy[.]top and similar websites to sen
Our team has tested BinaryAccessibility and found that this app falls into the category of adware. When installed and active, BinaryAccessibility can display annoying and possibly misleading advertisements. Users often install apps like BinaryAccessibility accidentally due to deceptive distribut
After inspecting this "Multiverse Connect Wallet" site, we determined that it is fake. We found the scam on resolve-connect.pages[.]dev, but it could be hosted on other domains as well. The scheme works as a cryptocurrency drainer; it is designed to steal funds from compromised digital wallets. I
After inspecting "$ETHFI Eligibility Check", we determined that it is a scam. We found it promoted on governance-etherfi[.]app, but it could be hosted elsewhere. It operates as a cryptocurrency drainer, which is triggered whenever a user connects their digital wallet to the fake page. IMPORT
After reading the "We Updated Our Policy" email, we determined that it is spam. The letter falsely claims that the recipient's email account risks deactivation. The goal of this scam is to trick users into disclosing their email log-in credentials (passwords) into a phishing website. This
While investigating dubious websites, our research team discovered bindszone[.]club. This rogue webpage promotes browser notification spam and generates redirects to different (likely unreliable/harmful) sites. Bindszone[.]club and similar pages are most commonly accessed via redirects caused by
BivaApp is the name of a PUA (Potentially Unwanted Application). Software within this category usually has undesirable or harmful capabilities. Our researchers discovered this app while investigating a Torrenting website that uses rogue advertising networks. This site produced a redirect to a dec
Alltullos24[.]com is the address of a rogue page discovered by our researchers during a routine inspection of suspicious websites. Our examination revealed that this webpage endorses browser notification spam and redirects visitors to other (likely unreliable/hazardous) sites. Users primarily ent
Our researchers found the Qual ransomware during a routine investigation of new submissions to the VirusTotal platform. This malicious program is part of the Djvu ransomware family. After executing a sample of this ransomware on our testing system, we learned that it renames the files it encrypts
Our research team discovered the WebFraction application while reviewing new file submissions to the VirusTotal website. Upon examination, we determined that WebFraction is advertising-supported software (adware). This app belongs to the AdLoad malware family. Adware stands for advertisi