Threat Scorecard

Ranking: 1,857
Threat Level: 20% (Normal)
Infected Computers: 2,532
First Seen: August 22, 2022
Last Seen: February 15, 2023
OS(es) Affected: Windows

Hedgehag.com is a site that has been confirmed to show deceptive and clickbait messages to take advantage of its visitors. There are countless rogue websites of this type, and they are rarely visited by users intentionally. Instead, they are typically opened as a result of forced redirects caused by visiting pages with rogue advertising networks or by having PUPs (Potentially Unwanted Programs) present on the device.

The scheme propagated by Hedgehag.com exploits the legitimate push notifications browser feature. The site tries to convince users under various pretenses to click the displayed 'Allow' button without revealing that doing so will subscribe them to its push notifications. The goal of the rogue page is to abuse the received browser permissions to deliver unwanted advertisements to users. The advertisements may take the form of banners, redirects, pop-ups, notifications, etc.

As for the exact false scenario observed on the page, it may vary based on the user's IP address, geolocation and possibly other factors. One of the observed scenarios tries to lure users by claiming that pressing 'Allow' will grant them access to a video. Other popular scenarios imply that users must pass a CAPTCHA check or that pressing the button will make a file available for download.

The problem with advertisements generated by such unproven or dubious sources is that they are often used to promote more hoax websites or intrusive PUPs. Users could be presented with advertisements for fake giveaways, technical support frauds, phishing schemes, shady adult pages, etc.
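Because the scheme depends on a notification permission stored in the browser profile, that permission can be audited directly. The following is an added example, not part of the original page: it assumes a Chromium-based browser whose profile `Preferences` JSON keeps notification permissions under `profile.content_settings.exceptions.notifications`, the function names are hypothetical, and the sample data is constructed.

```python
import json
from urllib.parse import urlsplit

ALLOW = 1  # Chromium ContentSetting value for "allow" (2 is "block")

# Constructed sample of a Chromium-style Preferences file (not real user data).
SAMPLE_PREFS = json.loads("""
{
  "profile": {"content_settings": {"exceptions": {"notifications": {
    "https://hedgehag.com:443,*": {"last_modified": "13305000000000000", "setting": 1},
    "https://mail.example.org:443,*": {"setting": 1},
    "https://news.example.net:443,*": {"setting": 2}
  }}}}
}
""")

def notification_grants(prefs):
    """Return hostnames that hold an 'allow' notification permission."""
    node = prefs
    for key in ("profile", "content_settings", "exceptions", "notifications"):
        node = node.get(key, {}) if isinstance(node, dict) else {}
    if not isinstance(node, dict):
        return []
    hosts = []
    for pattern, entry in node.items():
        if not isinstance(entry, dict) or entry.get("setting") != ALLOW:
            continue
        primary = pattern.split(",", 1)[0]  # key is a "primary,secondary" pattern pair
        host = urlsplit(primary).hostname
        if host:
            hosts.append(host.lower())
    return sorted(hosts)

def flag_grants(prefs, watchlist):
    """Return granted hosts that equal, or are subdomains of, a watchlisted domain."""
    watch = [d.lower().strip(".") for d in watchlist]
    return [h for h in notification_grants(prefs)
            if any(h == d or h.endswith("." + d) for d in watch)]

if __name__ == "__main__":
    print("allowed:", notification_grants(SAMPLE_PREFS))
    print("flagged:", flag_grants(SAMPLE_PREFS, ["hedgehag.com"]))
```

Any flagged origin can then be removed or set to block in the browser's notification settings, which stops the advertisements delivered through that permission.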

