Our researchers discovered this application named "Cuiall Apps" while analyzing a rogue installation setup. Upon examination, we determined that this piece of software is a PUA (Potentially Unwanted Application). It is designed to infiltrate the Legion Loader malware into systems. Cuiall Apps was
Hotbmefene[.]today is a rogue webpage that promotes browser notification spam by using a fake CAPTCHA verification test (other lures are possible). Additionally, this page can redirect users elsewhere (likely unreliable/hazardous) websites. Most visitors to hotbmefene[.]today and similar webpages
Our analysis of hotbyikale[.]cc reveals that the site employs clickbait tactics to gain permission to deliver notifications. Websites that rely on deceptive strategies to obtain this permission are untrustworthy, as they misuse it to push scams and other dubious content. Thus, hotbyikale[.]cc and
Our discovery of M142 HIMARS occurred during the analysis of malware samples submitted to VirusTotal and showed that this malware is ransomware belonging to the MedusaLocker family. M142 HIMARS is designed to encrypt files and append ".M142HIMARS" to them. Also, the ransomware changes the desktop
Our inspection of osdnetwork[.]xyz has shown that the page uses clickbait to obtain permission to show notifications. Sites that use deceptive methods to receive this permission cannot be trusted, as they often misuse it to promote scams and other unreliable pages. Thus, if osdnetwork[.]xyz is enc
Our research team discovered hotbsopika[.]cc while browsing dubious websites. This rogue webpage is designed to promote browser notification spam and generate redirects to other (likely unreliable/hazardous) sites. At the time of research, hotbsopika[.]cc did so by utilizing a fake CAPTCHA verific
Hotbmejatu[.]today is a rogue webpage discovered by our researchers during a routine inspection of suspicious websites. It promotes spam browser notifications and redirects to other (likely dubious/malicious) sites. The majority of visitors to hotbmejatu[.]today and similar pages access them via
While investigating untrustworthy sites, our researchers discovered the orchael[.]fun rogue page. It operates by promoting browser notification spam and generating redirects to other (likely dubious/hazardous) websites. Most visitors to orchael[.]fun and similar webpages access them through redir
Our researchers discovered the news-xxajive[.]xyz rogue page while investigating suspicious websites. Upon examination, we learned that this webpage endorses browser notification spam and produces redirects to different (likely dubious/dangerous) sites. News-xxajive.xyz and pages akin to it are m
After inspecting this "$SUI Airdrop", we determined that it is fake. It masquerades as the Sui platform (sui.io) running an airdrop for its native token (SUI). The scam (which bears no association to the real Sui) operates as a cryptocurrency drainer. In other words, it steals funds from exposed d