Anxz is the name of a ransomware-type program that our researchers discovered while investigating new submissions to the VirusTotal website. This malicious program is based on the Chaos ransomware. It operates by encrypting data and demanding payment for its decryption. After we executed a sample
While inspecting adstopc[.]com, our team found that it displays misleading content to receive permission to send notifications. Moreover, adstopc[.]com has the potential to redirect visitors to other shady websites. We discovered adstopc[.]com during our examination of pages associated with rogue
While investigating new submissions to the VirusTotal site, our researchers discovered the LMAO ransomware. This program is based on the Chaos ransomware, and it is designed to encrypt data and demand ransoms for its decryption. On our test machine, LMAO encrypted files and appended their filenam
While examining secure-your-device[.]com, we learned that it is a deceptive website. Secure-your-device[.]com displays fake warnings and wants to show notifications. Our team came across secure-your-device[.]com while inspecting websites associated with rogue advertising networks. Once vis
While analyzing desparnd[.]com, we uncovered its utilization of a clickbait technique to entice visitors into granting permission for notifications. Our investigation of pages linked to unreliable advertising networks led us to discover desparnd[.]com. It is important to note that this website has
BuSaveLock is ransomware belonging to the MedusaLocker family. Our team discovered BuSaveLock while examining samples on the VirusTotal page. The purpose of BuSaveLock is to encrypt files and demand payment in return for their decryption. Also, this ransomware provides a ransom note ("How_to_back_
During our examination of gouddin[.]com, we found that this page uses clickbait to lure visitors into allowing it to show notifications. We discovered gouddin[.]com while inspecting pages associated with rogue advertising networks. It is worth mentioning that gouddin[.]com may redirect visitors to
Gserience[.]xyz is the address of a rogue webpage. It is designed to trick visitors into permitting its browser notification delivery. This page can also redirect them to other (likely untrustworthy/hazardous) sites. The majority of users access webpages like gserience[.]xyz through redirects cau
During our investigation of groovinews[.]com, we identified its utilization of deceitful methods, including the presentation of misleading messages and other content, to manipulate visitors into subscribing to notifications. Additionally, groovinews[.]com has the potential to redirect users to oth
Our research team found the gripehealth[.]com rogue page while examining untrustworthy websites. It is designed to push browser notification spam and redirect users to other (likely dubious/harmful) sites. Visitors to gripehealth[.]com and webpages akin to it – primarily access them through redir