Discovered by Jakub Kroustek, ms13 is yet another ransomware infection belonging to the Dharma malware family. As with other viruses of this kind, ms13 compromises stored data by encryption. In addition, it appends filenames with the ".ms13" extension plus the victim's unique ID and developer's em
The ChangeToPDF app is promoted as a PDF converter that allows users to convert their PDF files to various other formats such as Word, PowerPoint, Excel, PNG, JPG, etc. In fact, this software originates from the Bundlore adware family and is used to distribute adware-type applications to Mac co
Discovered by GrujaRS, Marozka is a ransomware-type program that is based on an open-source ransomware project called Hidden Tear. It encrypts data using AES cryptography and creates a ransom message within a text file called "HOW TO DECRYPT FILES.txt", which can be found in each folder that conta
The dongtaiwang.com website is created for Chinese-speaking users and promotes a VPN (Virtual Private Network) called Freegate. This app accesses websites that are otherwise blocked in the user's country. Note, however, that it is categorized as a browser hijacker, a potentially unwanted applicat
redrentalservice.com (a successor of setforconfigplease.com) is one of many websites that cause redirects to other untrustworthy sites. Some examples of other websites that operate in this way are setforconfigplease.com, somelandingpage.com, and setforspecialdomain.com. People are usually redirec
"Flash Player Auto Update Daemon" is a fake system notification (pop-up window) encouraging Mac users to update their Flash Players. Typically, such notifications appear due to installed adware-type apps that are categorized as potentially unwanted applications (PUAs). These usually feed users w
Originating from Paradise malware family, securityP is a high-risk ransomware discovered by Michael Gillespie. This malware is designed to encrypt stored data and append filenames with the ".securityP" extension plus the victim's unique ID and developer's email address (e.g., "sample.jpg" might b
Baldr stealer (also known as Trojan:MSIL/Darbl.A) is a malicious program that steals data. Cyber criminals can purchase this tool from hacking forums to generate revenue by misusing recorded (stolen) information. Generally, they present this program as a tool that can be used for a number of purpo
Stun is yet another variant of Dharma ransomware and was first discovered by Jakub Kroustek. As with its predecessor, Stun also encrypts most stored files and appends filenames with the ".stun" extension plus the victim's unique ID and developer's email address. For example, "sample.jpg" might be
Most ransomware-type programs are designed to encrypt files, prevent victims from accessing them, and keep them in that state until a ransom is paid. Unnam3d differs, since it places files into RAR archives that cannot be extracted without entering a password. It also changes the wallpaper and dis