BugsFighter

PrimeVersion is a potentially unwanted program (PUP) that targets macOS systems. It is a type of adware that injects advertisements into websites you visit and redirects your browser search queries. PrimeVersion hijacks your browser homepage and search engine, displaying unwanted advertisements not originating from the sites you are browsing. It typically uses a browser extension or program to achieve this. Adware creates various files and folders on your Mac when it infects the system. Some files and folders it may create include browser extensions, configuration files, and other components that allow it to inject advertisements and hijack your browser settings. These files can be located in different directories, such as the Applications folder, Library folder, and browser extension folders. To completely remove PrimeVersion from your Mac, it is essential to delete all associated files and folders, as well as any browser extensions related to the adware.

Mzhi Ransomware is a type of malicious software designed to encrypt files, rendering them inaccessible to the victim. Its primary aim is to extort money from the victim in exchange for the decryption key to unlock the encrypted files. Mzhi Ransomware is similar to other ransomware strains like Mzqt, Azqt, and Mzqw, which also encrypt files and demand ransom payments. Mzhi Ransomware appends the .mzhi extension to the filenames of the encrypted files. This ransomware typically uses strong encryption algorithms like AES or RSA to encrypt the victim's files, making it nearly impossible to decrypt them without the correct key. Mzhi Ransomware creates a ransom note named _readme.txt and drops it in various directories on the infected computer. The ransom note informs the victim that their files have been encrypted and demands a ransom payment, usually in the form of cryptocurrency, to provide the decryption key.

ZenSearch is a browser hijacker that infiltrates users' internet browsers, such as Edge, Google Chrome, and Mozilla Firefox, and modifies their settings. It is associated with a web browser extension or plug-in generally considered as a Potentially Unwanted Program (PUP). ZenSearch changes the homepage and default search engine of the affected browsers, redirecting users to search.zensearch.online. This search engine does not produce distinct search results but simply displays results from Bing, a legitimate search engine. However, it is classified as a counterfeit search engine because the results can be manipulated, displaying sponsored links and ads prominently. Using this search engine carries inherent privacy risks, as it has the capacity to monitor users' search queries and online browsing activities. The search results can be manipulated, and sponsored links and ads may be displayed prominently.

Daily.gratis is a malicious website that tries to trick users into subscribing to its push notifications so that it can send notification spam directly to their desktop or phone. The site displays fake messages to deceive users into subscribing to its spam push notifications. If users subscribe to Daily.gratis notifications, they will start receiving spam popups directly on their desktop or phone even if the browser is closed. These ads are for adult sites, online web games, fake software updates, and unwanted programs. Daily.gratis exploits browser notifications by displaying fake messages that prompt users to click the "Allow" button to verify that they are not robots. If users click "Allow," notifications from Daily.gratis will begin popping up on their screens from time to time, spamming them with ads, prompts to download software, fake alerts from the operating system, and fraudulent messages. Daily.gratis can infect popular web browsers, including Google Chrome, Mozilla Firefox, Microsoft Edge, and others. It can affect both desktop and mobile devices, as the push notifications can be sent to both platforms.

Azqt Ransomware is a malicious software that belongs to the Djvu malware family and is a variant of the notorious STOP/Djvu ransomware. It is designed to encrypt files on the victim's computer and demand payment, usually in cryptocurrency, for their decryption. The primary purpose of Azqt Ransomware is to target the victim's wallet by encrypting files and then asking for a ransom to decrypt them. Upon infiltrating a computer, Azqt ransomware encrypts files using a robust and unique encryption method, such as the Salsa20 encryption. It adds the .azqt extension to the filenames of the encrypted files, for example, changing 1.jpg to 1.jpg.azqt and 2.png to 2.png.azqt. Azqt ransomware generates a ransom note in the form of a text document named _readme.txt. The note explains that all files, including images, databases, documents, and essential data, have been encrypted and directs victims to purchase a decryption tool and a key to regain access to their files. The ransom amount ranges from $490 to $980 in Bitcoins.

News06.biz is a malicious site that displays fake error messages to trick users into subscribing to its browser notifications. It is a browser-based scam that aims to send unwanted advertisements directly to users' computers or phones. The site uses social engineering techniques to encourage users to click on the "Allow" button, which enables push notifications from the website. Once users click on the "Allow" button, they will start receiving unwanted pop-up ads from News06.biz, even when their browser is not visible. News06.biz exploits browser notifications by tricking users into enabling them. The site claims that users need to click "Allow" on a "Confirm notifications" window to access the content they are looking for. Once users click on the "Allow" button, they grant permission for the site to send notifications to their desktop, which results in unwanted pop-up ads. News06.biz can infect various browsers, including Google Chrome, Mozilla Firefox, Internet Explorer, and Microsoft Edge. The site can also affect Android devices.