Deceiving domain - homededruju.com
Homededruju.com website might show up at any time during web browsing sessions - the activity might be initiated by adware, although users might encounter the domain after being rerouted from somewhere else on the web. Immediately, Homededruju.com triggers a prompt that asks for permission to subscribe to push notifications from the site. Users get mostly convinced due to a social engineering trick used by the authors - allegedly, an underlying content will be shown as soon as the "Allow" button is pressed.
Upon agreement, users start to receive pop-up ads directly on their desktops. Some adverts might be harmless and advertise legitimate websites or services, while others might scam users into installing potentially unwanted applications, pay for useless tech support services, or provide personally-identifiable information. ESET security solutions detect the malicious JS component on the site - JS/Adware.Agent.AC. The obfuscated JavaScript might execute malicious commands that would display malware-laden ads. Under certain circumstances, this would allow Homededruju.com to deliver and install malicious software without user interaction.
| Name | Homededruju.com |
| Type | Push notification virus |
| Hidden components | The website hosts background JavaScript that might trigger automatic malware installation |
| Aim | The website seeks to make users subscribe to push notifications. If agreed, pop-up ads will show up directly on their screens at any time when the computer is operational, even when the web browser is off |
| Associated risks | Exposed users might be prompted to install potentially unwanted programs or, transfer money to tech support scammers, disclose personal details |
| Detection | JS/Adware.Agent.AC (ESET Nod) |
homededruju.com violations
2CR-015: Homededruju.com hosts a malicious JavaScript that might trigger an automatic installation of malware
2CR-006: Tricks users into subscribing for sponsored ads
