Hotbmejatu[.]today is a rogue webpage discovered by our researchers during a routine inspection of suspicious websites. It promotes spam browser notifications and redirects to other (likely dubious/malicious) sites. The majority of visitors to hotbmejatu[.]today and similar pages access them via
While investigating untrustworthy sites, our researchers discovered the orchael[.]fun rogue page. It operates by promoting browser notification spam and generating redirects to other (likely dubious/hazardous) websites. Most visitors to orchael[.]fun and similar webpages access them through redir
Our researchers discovered the news-xxajive[.]xyz rogue page while investigating suspicious websites. Upon examination, we learned that this webpage endorses browser notification spam and produces redirects to different (likely dubious/dangerous) sites. News-xxajive.xyz and pages akin to it are m
After inspecting this "$SUI Airdrop", we determined that it is fake. It masquerades as the Sui platform (sui.io) running an airdrop for its native token (SUI). The scam (which bears no association to the real Sui) operates as a cryptocurrency drainer. In other words, it steals funds from exposed d
We have examined the email and determined that it is a phishing attempt. The purpose of this scam email is to lure recipients into visiting a fake web page and entering personal information. It is important to recognize such emails and never respond to them or click the provided links. The
While investigating a rogue installation setup, our research team discovered a PUA (Potentially Unwanted Application) named "Kiicvoq Apps". This piece of software acts as a dropper for the Legion Loader malware. It also installs the fake "Save to Google Drive" browser extension. It is noteworthy t
After inspecting FlexibleRemote, we found that it exhibits characteristics of adware—the app is designed to display intrusive advertisements. Additionally, multiple security vendors have flagged it as malicious. As a result, it is strongly recommended to uninstall FlexibleRemote if it is already
We have inspected RecordPlatform and discovered that it has qualities of adware. The app is designed to display intrusive advertisements. Also, multiple security vendors flag RecordPlatform as malicious. Therefore, it is highly advisable to uninstall RecordPlatform if it is already present.
Our researchers discovered the TrustedSafeFinder adware while browsing new submissions to the VirusTotal website. This advertising-supported software is part of the AdLoad malware family. Adware is designed to generate revenue for its developers through advertising. Adware usually operat
Our research team found heriqo[.]info while inspecting suspicious websites. This rogue page endorses browser notification spam and redirects users to different (likely untrustworthy/harmful) sites. Most visitors access heriqo[.]info and analogous pages via redirects caused by websites that utiliz