Mzre Ransomware is a malicious software that encrypts files on infected computers, rendering them inaccessible. It is a variant of the Djvu ransomware family and is known to append the .mzre extension to the filenames of encrypted files. For example, a file named
1.jpgwould be changed to
1.jpg.mzre. Mzre Ransomware may also be distributed alongside information-stealing malware like Vidar and RedLine. Mzre Ransomware encrypts files using a powerful cryptography algorithm and adds extensions to the filenames. This makes the files inaccessible and forces victims to pay a ransom to regain access to their data. Upon encrypting the files, Mzre Ransomware creates a ransom note named _readme.txt. The note provides information on how to establish contact with the attackers and outlines the decryption costs.
ProgramProcessor is an adware-type application that belongs to the AdLoad malware family. Adware generates revenue for its developers by displaying undesirable and deceptive advertisements, such as pop-ups, coupons, banners, and overlays, on various interfaces. ProgramProcessor is specifically designed to target macOS systems and can endanger both the device and user's safety. Once installed on a Mac, ProgramProcessor can hijack the browser homepage and search engine, displaying unwanted advertisements not originating from the sites users are browsing. It can also redirect browser search queries through ProgramProcessor Search, which then redirects to search result pages from search.yahoo.com, likely to generate advertising revenue. ProgramProcessor may open new tabs in the browser displaying advertisements trying to sell software, push fake software updates, and promote tech support scams.
NIGHT CROW Ransomware is a malicious software designed to encrypt data on a victim's computer and demand payment for its decryption. It appends the .NIGHT_CROW extension to the encrypted files, making them inaccessible. For example, a file initially named
sample.docx.NIGHT_CROW. After encrypting the files, NIGHT CROW drops a ransom note titled NIGHT_CROW_RECOVERY.txt on the infected system. Although the specific encryption algorithm used by NIGHT CROW is not yet discovered, ransomware typically employs strong encryption algorithms, such as AES, to lock the victim's files. The ransom note created by NIGHT CROW informs the victim that their files have been encrypted but reassures them that the data is recoverable. The note instructs the victim to pay a 0.000384 BTC (Bitcoin cryptocurrency) ransom, which is approximately 10 USD at the current exchange rate. This amount is relatively low compared to other ransomware demands.
Azop Ransomware is a malicious software program that encrypts files on targeted computer systems, rendering them inaccessible. It is a member of the STOP/Djvu malware family and is known for its strong encryption capabilities. Azop Ransomware appends the .azop extension to the encrypted files, making them unreadable and unusable. For example, it changes
2.png.azop. Azop Ransomware uses the Salsa20 encryption algorithm to encrypt files. This strong encryption method makes it particularly difficult, if not impossible, to find the decryption key without cooperating with the attackers. Azop Ransomware creates a ransom note in the form of a text document named _readme.txt. The note contains instructions on how to contact the criminals behind Azop and pay a ransom in exchange for the decryption key.
LostTrust Ransomware is a type of malicious software designed to encrypt data on a victim's computer, making it inaccessible until a ransom is paid. The primary goal of this ransomware is to extort money from victims by encrypting their files and demanding payment for decryption. LostTrust Ransomware appends the .losttrustencoded extension to the encrypted files. The specific encryption algorithm used by LostTrust Ransomware is not yet investigated. However, ransomware often uses complex encryption algorithms, such as AES and RSA, to encrypt files. LostTrust Ransomware creates a ransom note named !LostTrustEncoded.txt. The note informs victims that the attackers have acquired a significant amount of crucial data from their network and promises to provide a detailed list of the compromised files upon request.
PrimeVersion is a potentially unwanted program (PUP) that targets macOS systems. It is a type of adware that injects advertisements into websites you visit and redirects your browser search queries. PrimeVersion hijacks your browser homepage and search engine, displaying unwanted advertisements not originating from the sites you are browsing. It typically uses a browser extension or program to achieve this. Adware creates various files and folders on your Mac when it infects the system. Some files and folders it may create include browser extensions, configuration files, and other components that allow it to inject advertisements and hijack your browser settings. These files can be located in different directories, such as the Applications folder, Library folder, and browser extension folders. To completely remove PrimeVersion from your Mac, it is essential to delete all associated files and folders, as well as any browser extensions related to the adware.