Bigsupersweepstakes[.]com is a rogue webpage that promotes scams and browser notifications spam, and redirects users to other (likely dubious/dangerous) sites. Most visitors to such pages access them via redirects caused by websites that employ rogue advertising networks. Our researchers discover
We have examined flightsettle[.]site and found that it uses clickbait to get permission to show notifications. Once this permission is granted, flightsettle[.]site can display misleading notifications (e.g., fake warnings or offers) to trick users into opening deceptive sites. Thus, flightsettle[.
In our analysis of euopue[.]click, we discovered that the site's purpose is to obtain permission to show notifications. Euopue[.]click uses a deceptive method to trick users into allowing it to send notifications. Therefore, it is advisable to avoid visiting euopue[.]click. On euopue[.]cli
Our researchers discovered the behque[.]click rogue website during a routine inspection of suspicious sites. Upon examination, we determined that this page endorses browser notification spam and generates redirects to other (likely unreliable/dangerous) websites. The majority of visitors to behqu
"$OBT Airdrop" is a scam that masquerades as the official website of Orbiter Finance (orbiter.finance). The fake site promotes an airdrop of the OBT token (Orbiter Finance's native token). Users who attempt to participate in this bogus event – inadvertently expose their digital wallets to a crypto
We discovered EByte Locker while analyzing malware samples submitted to VirusTotal. During the inspection, we found that EByte Locker is ransomware based on Prince. Upon infiltration, EByte Locker encrypts files and appends ".EByteLocker" to them. It also changes the desktop wallpaper and provides
Our investigation into the Traw Dapp shows that security vendors classify it as malicious, and the app lacks any identifiable functions. Additionally, Traw Dapp is used to deliver Legion Loader, malware that can deliver harmful payloads. As a result, users should not install Traw Dapp and promptly
Spring is a malicious program based on CONTI ransomware. It is designed to encrypt data and demand ransoms for the decryption. Spring ransomware encrypts files and appends their names with a ".FIND_EXPLAIN.TXT.spring" extension. To elaborate, a file initially named "1.jpg" appears as "1.jpg.FIND_
During our analysis, we discovered that this is a phishing email disguised as a notification from FedEx, a legitimate American company specializing in transportation, e-commerce, and business services. The purpose of this deceptive email is to extract personal information from recipients through a
PNGPlug is a malware loader used in attacks targeting Chinese-speaking regions (such as Hong Kong, Taiwan, and mainland China). These campaigns often start with phishing websites designed to deceive users into running a malicious Microsoft Installer (MSI) package camouflaged as legitimate software