Hedgehag.com
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 1,857 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 2,532 |
| First Seen: | August 22, 2022 |
| Last Seen: | February 15, 2023 |
| OS(es) Affected: | Windows |
Hedgehag.com is a site that has been confirmed to show deceptive and clickbait messages to take advantage of its visitors. There are countless rogue websites of this type, and they are rarely visited by users intentionally. Instead, they are typically opened as a result of forced redirects caused by visiting pages with rogue advertising networks or by having PUPs (Potentially Unwanted Programs) present on the device.
The scheme propagated by Hedgehag.com exploits the legitimate push notifications browser feature. The site tries to convince users under various pretenses to click the displayed 'Allow' button without revealing that doing so will subscribe them to its push notifications. The goal of the rogue page is to abuse the received browser permissions to deliver unwanted advertisements to users. The advertisements may take the form of banners, redirects, pop-ups, notifications, etc.
As for the exact false scenario observed on the page, it may vary based on the user's IP address, geolocation and possibly other factors. One of the observed scenarios tries to lure users by claiming that pressing 'Allow' will grant them access to a video. Other popular scenarios imply that users must pass a CAPTCHA check or that pressing the button will make a file available for download.
The problem with the advertisements generated by such unproven or dubious sources is that they are often used to promote more hoax websites or intrusive PUPs (Potentially Unwanted Programs). Users could be presented with advertisements for fake giveaways, technical support frauds, phishing schemes, shady adult pages, etc.
