Developers present the PDFSpark application as a Mac tool capable of opening, converting, and annotating PDF files. These features may seem useful, however, this app is promoted using the "bundling" method. Apps promoted in this way are categorized as potentially unwanted applications (PUAs). F
First discovered by Michael Gillespie, Promoz is another variant of high-risk ransomware called Djvu. After infiltrating the system, Promoz encrypts most stored files and adds the ".promoz" appendix to each filename (for instance, "sample.jpg" is renamed to "sample.jpg.promoz"). Once encryption i
MM Player is presented as a high performance video player for MacOS systems. This may seem to be a legitimate application, however, it is promoted through a website from which it can be downloaded. Developers also distribute it using the "bundling" method. Apps proliferated in this way are cate
search.getpdftotal.com is another fake search engine that supposedly enhances the browsing experience by generating improved results and allowing conversion of PDF files to other formats. Note that the appearance of search.getpdftotal.com suggests that this website is legitimate and useful, how
Discovered by Jakub Kroustek, Frendi is another variant of Phobos and one of many programs categorized as ransomware. Like most computer infections of this type, Frendi is designed to encrypt data (block access to files) and create ransom messages. In this case, it displays a pop-up window and ge
search.hdirectionsandmapstab.com is another deceptive website presented as a high quality search engine that supposedly enhances the browsing experience by generating the most relevant results and allowing access to various popular websites. Judging on appearance alone, search.hdirectionsandmapst
Target777 is a ransomware-type program also known as Defray777. Developers distribute it so that they can blackmail people - the program encrypts files and keeps them in that state until a ransom is paid to cyber criminals. Target777 developers target mostly companies rather than regular users. R
search.searchfch.com is a fake search engine that supposedly enhances the browsing experience by generating improved results and providing quick access to various popular websites (Yahoo, Facebook, Gmail, etc.). On initial inspection, search.searchfch.com may seem legitimate and useful, however,
apple.com-cleaning-os.live is a rogue, deceptive website that promotes various potentially unwanted applications (PUAs). At time of research, it performed this by displaying a fake virus alert message. Ironically, people are forced to visit this website when they already have other PUAs installe
CrazyCrypt is a ransomware-type virus discovered by MalwareHunterTeam. Following successful infiltration, CrazyCrypt encrypts most stored files and appends filenames with the ".crazy" extension, the victim's unique ID, and developer's email address. For instance, "sample.jpg" is renamed to "sampl