Nesa is malicious software discovered by Michael Gillespie and belonging to the Djvu ransomware family. Cyber criminals create programs of this type to extort money from victims by forcing them to pay ransoms for decryption tools and/or keys. Typically, it is impossible to decrypt files encrypted
your-mac-security-analysis[.]net is an untrustworthy, deceptive website designed to trick people into installing a rogue app called Cleanup My Mac. To achieve this, your-mac-security-analysis[.]net displays a fake message/notification stating that the computer is infected with viruses and that t
GMERA (also known as Kassi trojan) is malicious software that disguises itself as Stockfolio, a legitimate trading app created for Mac users. Research shows that there are two variants of this malware, one detected as Trojan.MacOS.GMERA.A and the other as Trojan.MacOS.GMERA.B. Cyber criminals p
Banks is a piece of malicious software, classified as ransomware. It is part of the Phobos ransomware family. Credit for discovering Banks belongs to GrujaRS. This malignant program encrypts files and keeps them on lockdown, unless the victim pays a ransom (i.e. purchases the decryption tool/softw
apple.com-clean-mac[.]website is one of many deceptive websites that informs victims of viruses that they have supposedly detected on visitors' computers. The main goal of these sites is to trick people into installing a dubious app that will apparently remove the viruses. In this case, visitor
Indofuels is a legitimate company, however, some cyber criminals use the name to make their scams seem official. In many cases, criminals use the names of legitimate companies to trick recipients into believing that they have received an official email. Neither Indofuels nor other legitimate comp
Download Forms Now is a browser hijacker, however, it is advertised as providing quick access to various forms and a search engine (search.easyformsnowtab.com). Most users install this application inadvertently, and thus it is categorized as a PUA (potentially unwanted application). This app work
news-jupiter[.]com operates like many other untrustworthy websites of this type including videommm[.]pro, mediasvideo[.]world, and folmetor[.]com. Typically, these sites are opened by potentially unwanted applications (PUAs) installed on browsers or computers, or through deceptive ads. In any cas
Discovered by Michael Gillespie and part of the Djvu ransomware family, this software encrypts data and creates a ransom message (within the "_readme.txt" text file), which contains instructions about how to pay a ransom. Typically, victims cannot decrypt their files without a decryption tool and
MacEnizer is categorized as a potentially unwanted application (PUA), since developers promote it using dubious, deceptive methods. Most people download and install PUAs unintentionally, however, MacEnizer is advertised as a system optimizer, a tool that supposedly cleans and maintains Mac compu