the mob1ledev1ces[.]com site is designed to download a .dmg file, a fake installation setup disguised as an Adobe Flash Player installer. Typically, fake Adobe Flash Player installers and updaters are designed to distribute potentially unwanted applications (PUAs) such as browser hijackers, adwa
FlowAds is adware, which is endorsed to enhance the browsing experience. It is supposedly capable of providing additional and improved search results, however, it actually runs intrusive advertisement campaigns, which significantly diminish the browsing experience. Furthermore, it possess data tr
mkob.xyz is the address of a fake search engine. Typically, fake search engines are promoted through browser hijackers, potentially unwanted applications (PUAs) that change certain browser settings. Note that mkob.xyz is promoted through a PUA called CERX, however, other apps (such as APP) can als
Mkos is malicious software belonging to the Stop/Djvu ransomware family. It operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all filenames are appended with the ".mkos" extension. For example, "1.jpg" appears as "1.jpg.mkos", and so on for a
RedRum encrypts files, rendering them inaccessible unless victims recover them with decryption software and keys that can purchased from the cyber criminals who designed this ransomware. RedRum renames all encrypted files by adding the victim's ID and moncler@tutamail.com email address to their fi
Discovered by GrujaRS, Chch is a ransomware infection. This malicious software is designed to encrypt data and demand ransom payments for decryption tools/software. When Chch encrypts, all affected files are renamed with the ".chch" extension. For example, "1.jpg" would appear as "1.jpg.chch" fol
preciseeditor[.]pw is a deceptive website designed to trick people into installing unwanted software through a fake Adobe Flash Player updater. Its setup contains MyCouponsmart adware, the SearchMine browser hijacker and a rogue application called Mac Cleanup Pro. Both of these apps are categor
Discovered by dnwls0719, Bobelectron is a malicious program classified as ransomware. This malware is designed to encrypt the data of infected devices. Cyber criminals behind the infection demand ransom payments for decryption of files. When Bobelectron encrypts, all files are renamed with the ".b
AreaProduct is a potentially unwanted application (PUA), which is classified as adware. Generally, these apps serve various advertisements and collect browsing data. Few people download or install apps such as AreaProduct intentionally - another reason why they are classified as PUAs. Some
Belonging to the Stop/Djvu ransomware family, Nbes is malicious software designed to encrypt data and demand ransom payments for decryption. During the encryption process, all compromised files are appended with the ".nbes" extension. Therefore, "1.jpg" would appear as "1.jpg.nbes", and so on. On