Our researchers found the mospross.co.in rogue page while inspecting questionable websites. Upon examination, we determined that this webpage promotes browser notification spam and redirects users to other (likely unreliable/hazardous) sites. Most visitors to mospross.co[.]in and similar pages ent
While browsing dubious websites, our researchers discovered the bachlobeekeled[.]com rogue webpage. It operates by promoting browser notifications spam and redirecting users to other (likely unreliable/harmful) sites. Bachlobeekeled[.]com and analogous pages are primarily accessed through redirect
Mesofirewall.co[.]in is a rogue webpage discovered by our research team during a routine investigation of suspicious sites. After examining this page, we learned that it promotes browser notification spam and redirects users to different (likely dubious/malicious) websites. Webpages like mesofirew
"Cuponomia - Cupom e Cashback" is an unwanted browser extension promoted as a money-saving tool for Brazilian users. To expand upon its advertised capabilities, the software can notify users of available coupons or cashback offers for e-commerce platforms. However, this extension spies on users' b
Our researchers discovered this fake "Haedal Airdrop" while investigating untrustworthy websites. It masquerades as the Haedal platform (haedal.xyz). Victims are lured by this scam into exposing their cryptowallets to a cryptocurrency drainer with the promise of an airdrop. IMPORTANT NOTE: W
Our researchers discovered the PowerLocker ransomware while inspecting new file submissions to the VirusTotal site. Ransomware is a type of malware that encrypts the victim's files in order to demand ransoms for the decryption. After we executed a sample of PowerLocker on our test machine, it enc
We have analyzed tageraplaby.co[.]in and concluded that the purpose of this page is to deliver misleading notifications to users to promote other shady sites. Tageraplaby.co[.]in uses clickbait to trick visitors into allowing it to show notifications. Users should be careful when encountering such
Gremlin is a stealer-type malicious program written in the C# programming language. This malware has been around since the early spring of 2025. Gremlin stealer targets a variety of sensitive data, including log-in credentials (usernames/passwords), credit card numbers, and cryptocurrency wallets.
We have examined ghtlidings.co[.]in and determined that it is a fraudulent website designed to deceive users into granting permission for notifications. Once notifications are enabled, the site sends misleading alerts and other deceptive messages. Thus, ghtlidings.co[.]in and similar sites should
During our analysis of the page (aml-cryptocheck[.]net), we uncovered that it is a fake web page masquerading as the original TON (ton.org) site. Scammers use the fraudulent page to lure unsuspecting visitors into performing actions that can lead to the loss of their cryptocurrency. IMPORTAN