Mon-thu is a family of many untrustworthy web pages that deceptively advertise dubious applications. Mon-thu tricks people into believing that their Mac computers are infected with viruses and encourages them to download and install the Smart Mac Booster app (or other similar apps). Websites of
Discovered by Jakub Kroustek, this ransomware belongs to the Crysis/Dharma malware family. oo7 is designed to encrypt data and keep it locked, until a ransom is paid (i.e. until the decryption tool is purchased). During the encryption process, files are renamed with the victim's unique ID number,
AppleJeus is the name of backdoor malware that was distributed by the Lazarus group. They spread this malicious software through a fake app disguised as a cryptocurrency trading application called Celas Trade Pro. There is now a new trojanized cryptocurrency trading app called JMT Trader that o
Leto is malicious software, belonging to the Djvu ransomware family. It operates by encrypting data and keeping it locked until a ransom is paid (i.e., decryption software/tool and a unique key are purchased). As Leto encrypts, it renames all files by adding the ".leto extension. For example, a f
Discovered by dnwls0719, Cobain is malicious software classified as ransomware. Cobain originates from another ransomware infection called Hermes837. It is designed to encrypt data and keep it inaccessible until a ransom is paid (i.e. until the decryption software/tool and private key is purchased
Mondaysunday is a deceptive website used to advertise a rogue application called Smart Mac Booster. When opened, it informs visitors that their computers are infected with viruses and encourages them to remove the threats with the aforementioned application. Websites such as Mondaysunday and ap
mybestmv.com is a rogue website designed to cause redirects to other dubious sites. It is virtually identical to notifychheck.com, servedbytrackingdesk.com, notification-browser.tools, and many others. Generally, users visit mybestmv.com inadvertently - they are redirected by potentially unwanted
The pop-up message "nspchlpr will damage your computer. You should move it to the Bin." is associated with the Similar Photo Cleaner application. Nspchlpr files originate during the installation process of this rogue app. This is a more likely occurrence on devices with the Catalina version of t
Discovered by Jakub Kroustek, KRAB (not to be confused with KRAB ransomware of the same name) is malicious software belonging to the Dharma ransomware family. KRAB encrypts files and demands ransom payments for decryption. During data encryption, it renames all files with the victim's unique ID nu
Ummhlpr is one of many unwanted applications that are installed together with other apps of this kind. In this particular case, users install Ummhlpr through an app called Unpollute My Mac. People who have Ummhlpr installed on MacOS Catalina (the latest MacOS operating system) are forced to enc