Mockba encrypts files, renames them by adding the ".mockba" extension to filenames (e.g. "1.jpg" becomes "1.jpg.mockba"), and creates a ransom message within the "# HOW TO RECOVER YOUR DATA #.txt" text file. Software of this type is known as ransomware. These malicious programs are used to block
Firdayfun is a family of scam websites designed to promote untrustworthy software. This variation promotes Smart Mac Booster, a dubious application categorized as a Potentially Unwanted Application (PUA). Deceptive/Scam sites typically use scare tactics to encourage visitors into downloading/ins
DavesSmith (also known as Balaclava) is malicious software classified as ransomware. It is designed to encrypt data and demand ransom payments for decryption. There are two known variants of this ransomware. During the encryption process, all files are appended with the developer's email address:
My Flight Finder is advertised as an app that allows users to access websites, which provide information about the flights of various airlines. In fact, it operates as a browser hijacker, changing browser settings and gathering information. Typically, people do not download or install apps of thi
The PC Power is software endorsed as a system cleaner and optimizer. It is allegedly capable of freeing up storage space, detecting and removing unnecessary files, malware, spyware, adware, and other threats/issues. Due to its dubious proliferation methods, it is categorized as a Potentially Unwan
Derp is malicious software categorized as ransomware. Derp is a part of a ransomware family called Djvu. Like most programs of this type, it encrypts files so that victims cannot access or use them unless they pay ransoms to cyber criminals. Furthermore, Derp renames all encrypted files by changin
DynamicPanel is an app categorized as adware. It supposedly allows easy web browsing, however, it actually feeds users with intrusive advertisements. It also operates as an information tracking tool, recording details relating to users' browsing habits and other information. Most people downloa
Safe is a new variant of Paradise ransomware. It operates by encrypting data and demanding ransom payments for decryption. When encryption is underway, all files are appended with a unique ID number (generated individually for each victim), the developer's email address, and ".safe" extension (for
People who arrive at tencecatche[.]info are presented with dubious content or redirected to other untrustworthy websites. This site operates in a similar manner to many other rogue sites including, for example, robotornotchecks[.]online, zwenews[.]biz, and vikolidoskopinsk[.]info. In most cases,
Kronos is malicious software and a new variant of Ouroboros ransomware. It is designed to encrypt data and demand ransom payments for its recovery (i.e., payment for decryption tools/software). During the encryption process, all files are appended with the ransomware developer's email address, vi