QuicklookPI is a rogue application classified as adware. This app has been observed being distributed alongside other adware and browser hijackers, notably, SearchUp. Adware operates by running intrusive advertisement campaigns, i.e., delivering various ads. Browser hijackers promote (by causin
CHEATER is a ransomware-type program. Systems infected with this malware have the data stored on them encrypted; hence, victims are unable to use their files. Afterwards, ransom notes are created, which demand payment for the decryption - access recovery to the data. During the encryption process
"KIO KOREA Email Virus" refers to a malware-spreading spam campaign - a mass-scale operation during which deceptive emails are sent by the thousand. The scam letters sent through this campaign - request recipients to provide a product quote in accordance with the provided order list. It must be e
Up-load[.]io is a file hosting website offering users unlimited download and upload speed, 50 GB free storage, and share their uploads via direct links. Also, this page offers to receive payment depending on the sold files. It is noteworthy that up-load[.]io uses rogue advertising networks - it h
It is common that scammers use phishing websites to trick users into providing sensitive information. Although, it is uncommon for such pages to be visited by users intentionally. In most cases, phishing pages get opened after clicking on shady advertisements, through other dubious pages, or by i
"Important Defender update available" is a fake message displayed by untrustworthy websites. This scam claims that users need to update their Windows Defender anti-virus software. It must be emphasized that this scheme is in no way associated with the Microsoft Corporation - Windows product develo
The Internet is rife with untrustworthy websites, bengekoo[.]com is but one of them. Pyiera.com, kpoila.com, topgirlsdating.com - are a couple examples of others. The bengekoo[.]com page operates by presenting visitors with dubious content and/or redirecting them to rogue/malicious sites. Typical
Ransomware is a type of malicious software that encrypts files (makes them inaccessible/unusable) and generates a ransom note. Wannapay is new variant of the RIP Lmao ransomware. It encrypts files and appends the ".wannapay" extension to their filenames. For instance, it renames a file named "1.j
It is not common for pages like spleasedon[.]fun to be visited, opened by users on purpose. Typically, these sites get opened after clicking on questionable advertisements, while visiting other shady websites, or by potentially unwanted applications (PUAs) that users have installed on their browse
Secureblogcn[.]com is an untrustworthy site running various scams. At the time of research, it promoted multiple variants of the "VPN Update" scheme. In essence, these scams attempt to trick users into downloading/installing and/or purchasing VPN software - through misleading or outright decepti