Discovered by Vitali Kremez, FuxSocy ENCRYPTOR is malicious software, classified as ransomware. This malware emulates Cerber ransomware. It operates by encrypting data and demanding ransom payments for decryption. During FuxSocy ENCRYPTOR encryption, each file is renamed with a randomized filename
CCryptor is ransomware-type software that encrypts files using the AES-256 encryption algorithm and creates a ransom message (within the "README!!!.txt" file). It also renames all encrypted files by changing extensions to ".ccryptor". For example, "1.jpg" becomes "1.jpg.ccryptor". To regain acces
Discovered by GrujaRS, Hdmr (also known as GO-SPORT) is a ransomware infection. This malicious software is designed to encrypt victims' data and demand ransom payments for decryption. During the encryption process, all files are renamed using the ".hdmr" extension. For example, "1.jpg" becomes "1
Xxxinstant is malicious software designed to block access to data by encryption. Victims cannot use their files unless they decode them with decryption software, which can purchased from the cyber criminals who designed Xxxinstant. This ransomware is a new variant of another ransomware infection c
Discovered by MalwareHunterTeam, PhobosImposter is malicious software categorized as ransomware. It also emulates Phobos ransomware. PhobosImposter is designed to encrypt data and keep it locked, until a ransom is paid. During the encryption process, all files are renamed with the ".phobos" extens
Qbit System Care (or Qbit ~System Care) is a potentially unwanted application (PUA) designed to clean, optimize, and speed up Windows computers. It is categorized as a PUA due to the method that developers use to distribute it - they include Qbit System Care into the set-ups of other programs. Ty
apple.com-mac-optimizer[.]live is a scam website, which uses scare-tactics to trick people into installing the Cleanup My Mac application. When accessed, it alerts visitors of various threats it has detected and promotes the app to eliminate them. Note that no website can detect infections/issue
Mockba encrypts files, renames them by adding the ".mockba" extension to filenames (e.g. "1.jpg" becomes "1.jpg.mockba"), and creates a ransom message within the "# HOW TO RECOVER YOUR DATA #.txt" text file. Software of this type is known as ransomware. These malicious programs are used to block
Firdayfun is a family of scam websites designed to promote untrustworthy software. This variation promotes Smart Mac Booster, a dubious application categorized as a Potentially Unwanted Application (PUA). Deceptive/Scam sites typically use scare tactics to encourage visitors into downloading/ins
DavesSmith (also known as Balaclava) is malicious software classified as ransomware. It is designed to encrypt data and demand ransom payments for decryption. There are two known variants of this ransomware. During the encryption process, all files are appended with the developer's email address: