Moba is malicious software belonging to the Djvu ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, files are appended with the ".moba" extension. To elaborate, following en
Belonging to a ransomware family called Djvu, Pykw encrypts files, appends its extension to each encrypted file, and creates a ransom message. For example, it would rename "1.jpg" to "1.jpg.pykw", "2.jpg" to "2.jpg.pykw", and so on. Instructions about how to contact the cyber criminals behind Pyk
CollectorStealer (also known as DCStealer) is malicious software which allows cyber criminals to steal various sensitive information (e.g. passwords, credit card details) and files. This malware is for sale on a hacker forum for $12 or $75 (depending on the subscription type). It is advertised on
Image Seeker is a browser hijacker which assigns certain browser settings to image-seeker.com. In this way, the app promotes the fake search engine web site. Most browser hijackers also track and record information. Typically, users download and install apps such as Image Seeker unintentionally a
System Care Pro is a system cleaner supposedly designed to improve computer performance. In fact, this software is categorized as a potentially unwanted application (PUA), due to the methods used by developers to distribute it. Commonly, users download and install PUAs unintentionally and these bo
The "Gift card giveaway" is a scam promoted on various deceptive websites. This scheme offers fake gift cards for popular brands/services. For example, Amazon, eBay, Google Play, iTunes, Microsoft, MasterCard, PayPal, Skype, Netflix, Nintendo, PlayStation, Roblox, and so on. This scheme redirects
Discovered by dnwls0719, Baraka Team is the name of malicious software classified ransomware. Systems infected with this malware have their data encrypted so that ransom demands can be made for decryption tools/software. Most ransomware-type programs rename compromised files and/or append them wi
"Request for quotation" is a scam email designed to proliferate the Agent Tesla Remote Access Tool (RAT). When used for malicious purposes, it is classified as a Remote Access Trojan. The emails supposedly concern an urgent order and recipients are asked to provide relevant specification of this
Chinz belongs to the Phobos ransomware family. This is a typical ransomware infection designed to encrypt files, modify their filenames, and provide instructions about how to contact the developers regarding decryption. Chinz changes the name of each encrypted file by adding the victim's ID, yuzh
"Secure Parking" is the name of a spam email campaign. These scam messages are disguised as final warning notifications from Secure Parking, a legitimate international parking service provider. Note that the email is in no way connected to the genuine Secure Parking car park operator. The message