While reviewing suspect websites, our research team happened upon news-gebece[.]com. This rogue page operates by promoting browser notification spam. It can also redirect users to other (likely unreliable/hazardous sites. News-gebece[.]com and similar webpages are most commonly accessed via redire
We have examined this website (chain.link-treasurypools[.]com) and found that it is a fraudulent website offering to claim free tokens. Also, the site mimics the original Chainlink platform (chain.link) to appear legitimate. The purpose of the fake page is to drain victims' wallets. IMPORTAN
Our team discovered CCLand during an analysis of samples uploaded to VirusTotal. Upon inspecting the malware, we concluded that it is ransomware that encrypts files. In addition to encrypting data, CCLand appends the ".ccl" extension to filenames and drops a ransom note, "RECOVER_README.txt". An
We have found that ouseperwaganis[.]com is designed to mislead users into consenting to get its notifications. If allowed, it can send deceptive messages, such as fake alerts, to promote shady websites. Because of this, the site (and others like it) should be avoided, and any notification requests
Ptifirelaria[.]com is a rogue webpage discovered by our researchers during a routine investigation. After inspecting this page, we learned that it endorses spam browser notifications and redirects users to other (likely dubious/harmful) sites. Most visitors to ptifirelaria[.]com and similar webpag
While browsing untrustworthy sites, our research team discovered the advoiderce[.]com rogue webpage. Upon examination, we found that it is yet another site that promotes browser notification spam through a CAPTCHA-themed lure. This page can also redirect users elsewhere, likely unreliable or malic
Our researchers found the BAFAIAI ransomware while inspecting new file submissions to the VirusTotal site. This malicious program is part of the MedusaLocker ransomware family. BAFAIAI encrypts files and creates a ransom note. It adds a ".BAFAIAI" extension to their filenames. For example, a file
Eternidade is a malicious program written in the Delphi programming language. It is a stealer and banking trojan capable of extracting sensitive data from infected devices. Eternidade has been used to target users in Brazil. This malware can self-spread through WhatsApp spam. Eternidade is
Our review of thicationize.co[.]in shows that the site is created to trick users into enabling its notifications. If someone allows them, the site can push misleading content (e.g., fake warnings) directly to their device. Because of this, thicationize.co[.]in and similar pages should be avoided,
Our research team discovered hypstichly.co[.]in while investigating suspicious websites. After inspecting this rogue webpage, we learned that it promotes browser notification spam and generates redirects to other (likely dubious/dangerous) sites. Hypstichly.co[.]in and analogous pages are primaril