prize-mania[.]mobi is an untrustworthy website, which redirects visitors to other sites of this kind or displays dubious content. Generally, people do not visit/open prize-mania[.]mobi intentionally - in most cases, browsers open these web pages when a potentially unwanted application (PUA) is ins
Mon-thu is a family of many untrustworthy web pages that deceptively advertise dubious applications. Mon-thu tricks people into believing that their Mac computers are infected with viruses and encourages them to download and install the Smart Mac Booster app (or other similar apps). Websites of
Discovered by Jakub Kroustek, this ransomware belongs to the Crysis/Dharma malware family. oo7 is designed to encrypt data and keep it locked, until a ransom is paid (i.e. until the decryption tool is purchased). During the encryption process, files are renamed with the victim's unique ID number,
AppleJeus is the name of backdoor malware that was distributed by the Lazarus group. They spread this malicious software through a fake app disguised as a cryptocurrency trading application called Celas Trade Pro. There is now a new trojanized cryptocurrency trading app called JMT Trader that o
Leto is malicious software, belonging to the Djvu ransomware family. It operates by encrypting data and keeping it locked until a ransom is paid (i.e., decryption software/tool and a unique key are purchased). As Leto encrypts, it renames all files by adding the ".leto extension. For example, a f
Discovered by dnwls0719, Cobain is malicious software classified as ransomware. Cobain originates from another ransomware infection called Hermes837. It is designed to encrypt data and keep it inaccessible until a ransom is paid (i.e. until the decryption software/tool and private key is purchased
Mondaysunday is a deceptive website used to advertise a rogue application called Smart Mac Booster. When opened, it informs visitors that their computers are infected with viruses and encourages them to remove the threats with the aforementioned application. Websites such as Mondaysunday and ap
mybestmv.com is a rogue website designed to cause redirects to other dubious sites. It is virtually identical to notifychheck.com, servedbytrackingdesk.com, notification-browser.tools, and many others. Generally, users visit mybestmv.com inadvertently - they are redirected by potentially unwanted
The pop-up message "nspchlpr will damage your computer. You should move it to the Bin." is associated with the Similar Photo Cleaner application. Nspchlpr files originate during the installation process of this rogue app. This is a more likely occurrence on devices with the Catalina version of t
Discovered by Jakub Kroustek, KRAB (not to be confused with KRAB ransomware of the same name) is malicious software belonging to the Dharma ransomware family. KRAB encrypts files and demands ransom payments for decryption. During data encryption, it renames all files with the victim's unique ID nu