Qdla is the name of ransomware that is part of the ransomware family called Djvu. It encrypts files and modifies their filenames (it appends the ".qdla" extension to their filenames). Like most ransomware variants, Qdla creates a ransom note, the "_readme.txt" file containing contact and payment i
Fresh-content[.]biz is a rogue site akin to allactualjournal.com, rplnd1.com, myfreshspot.com, news-lipaze.cc, and countless others. It is designed to present visitors with dubious material and/or redirect them to different (likely unreliable or malicious) websites. Users typically enter webpages
Allactualjournal[.]com is an untrustworthy website sharing common traits with alert-defenders.com, sweetadvance.ru, fugles.net, and many others. It operates by loading questionable content and/or redirecting visitors to various (likely suspect or malicious) sites. Rogue webpages like allactualjou
Systemupdati[.]xyz is a deceptive website running various scams. At the time of research, this site promoted three schemes. One of the scams claims that visitors' iPhones may be vulnerable due to visits to dangerous sites; the other two - request users to install/update software to continue watc
Venus Tab is a browser hijacker designed to promote venustab.com - a fake search engine. Venus Tab hijacks a browser by changing its settings. In most cases, users install apps of this type unknowingly. Thus, they are called potentially unwanted applications (PUAs). Venus Tab changes the h
Fastbestcaptcha[.]top uses a clickbait technique to trick visitors into allowing it to deliver notifications. It also redirects visitors to other dubious pages. There are hundreds of pages like fastbestcaptcha[.]top, for example, alert-defenders[.]com, rplnd1[.]com, news-bogixo[.]cc. Users do not
"Your Outlook Account was logged in" is the name of an email spam campaign. These emails claim that a suspicious log-in was detected on recipients' Outlook accounts. The goal of these fake letters is to promote a phishing website, which is disguised as an email account sign-in page. The sc
Crypyt is a malicious program that is part of the VoidCrypt ransomware family. It is designed to encrypt data (render files unusable) and demand payment for the decryption (access/use recovery). Affected files are appended with the cyber criminals' email address, a unique ID assigned to the victi
Phoenix is the name of an information stealer written in the C programming language. It sends the stolen information to cybercriminals. It is known that Phoenix is for sale on a hacker forum. Its lifetime subscription costs 1500 rubles, and a monthly one costs 400 rubles per month. Phoenix
Alert-defenders[.]com is a rogue website designed to present visitors with dubious content and/or redirect them to other (likely unreliable or malicious) pages. The Internet is rife with sites of this type; rplnd1.com, desktopshieldprotection.com, myfreshspot.com, ngecauuksehi.xyz, and smartcaptch