Our analysis of BlackHeart has shown that this is ransomware belonging to the MedusaLocker family. Upon execution, BlackHeart encrypts data and appends the ".blackheart138" extension to files (e.g., renames "1.jpg" to "1.jpg.blackheart138", "2.png" to "2.png.blackheart138", etc.). It also drops a
We have inspected basicnetworkchain[.]com and learned that hosts the "You've visited illegal infected website" scam. Also, the page requests permission to show notifications and, if allowed, it bombards users with more deceptive content. Thus, it is highly dvisable to avoid visiting basicnetworkch
Parthonylogles[.]com is a rogue webpage discovered by our researchers during a routine inspection of dubious sites. Upon examination, we determined that this page endorses browser notification spam and redirects visitors to other (likely suspicious/dangerous) websites. Most users enter parthonylo
Netlify.app is a domain owned by Netlify - a legitimate Web hosting service that has been observed being abused by cyber criminals to host deceptive and possibly malicious content. Our researchers discovered one such page – glistening-haupia-e37bbf.netlify[.]app – while browsing suspicious website
Our researchers discovered the Omega Ad Blocker rogue browser extension while investigating suspicious websites. Although this extension is endorsed as an advertisement-blocking tool, it operates as adware – by displaying ads and collecting sensitive user information. Adware stands for adv
After inspecting this "Capital One - Card Restricted" email, we learned that it is fake. This fraudulent alert notifies the recipient of a secure message sent to them from the "Capital One Fraud Department". The goal is to trick recipients into visiting a phishing website disguised as a Capital On
While browsing suspicious websites, our research team found the viwew[.]click rogue page. After investigating this webpage, we determined that it endorses spam browser notifications and produces redirects to different (likely unreliable/hazardous) websites. The majority of visitors to viwew[.]cli
We have analyzed refreshedorder[.]com and determined that the page promotes the "Your Computer Has Corrupted Files" scam and wants to show notifications. Agreeing to receive notifications from refreshedorder[.]com can expose users to more scams and other online threats. Thus, refreshedorder[.]com
Our researchers discovered the allpurposenetwork.co[.]in rogue page while inspecting suspicious websites. This webpage promotes browser notification spam and generates redirects to other (likely dubious/hazardous) sites. Most visitors access allpurposenetwork.co[.]in and similar pages via redirec
Our analysis of the site (refreshedorder[.]com) revealed that it is a scam page designed to trick visitors into believing that their computer has corrupted files. This scam involves a fake system scan and a deceptive pop-up message. Scammers likely use it to steal personal information and (or) mon