Puma Ransomware, that started to hit thousands of computers in November, 2018, is, actually, nothing but another variation of STOP Ransomware. Current version appends .puma, .pumax or .pumas extensions to encrypted files, and that is why it has such nickname. Virus uses the same name for ransom note file: !readme.txt. Developers tried to confuse ransomware identification services and users by adding new extensions, but using the same templates, code and other signs unequivocally indicate belonging to a certain family. As we see from the name of the executable: updatewin.exe, it pretends to be a Windows update. Puma (STOP) Ransomware still uses RSA-1024 encryption algorithm. Current version of Puma Ransomware was developed in Visual Studio 2017.
MacPerformance is malicious application for MacOS, that belongs to OSX Pirrit adware family. It controls settings of Safari, Google Chrome, Mozilla Firefox to create redirects and display ads and pop-ups. It infiltrates Mac computers invisibly or by fraud and starts to generate advertisements, showing phishing pages, encouraging users to download potentially unwanted applications. Sometimes MacPerformance is offered to be installed in a bundle with good applications, and users, confused by the name of the program, think that this is optimisation software for MacOS, and allow installation.
Dharma virus, unlike similar types of ransomware, does not change desktop background, but creates README.txt or Document.txt.[email@example.com].zzzzz files and places them in each folder with compromised files. Text files contain message stating that users have to pay the ransom using Bitcoins and amount is approximately $300-$500 depending on ransomware version. The private decryption key is stored on a remote server, and there currently impossible to break the encryption of the latest version.
KMSPico is illegal tool for unauthorized activation of Microsoft Windows, Microsoft Office and other products from this corporation. KMS (Key Management System) is technology, used by Microsoft to activate their software and services using local network or remote servers. It allows permanent activation and temporary (180 days) activation, which allows users to prolong unlawful usage of paid products. KMSPico can be categorized as hacktool for using pirated software. However, it is often bundled with RAT (Remote Access Trojan), PUP (potentially unwanted programs), adware or viruses. This allows hackers to obtain user’s private information, such as passwords, credit card information and other. Malefactors can also create botnets from computers infected with KMSPico.
Mac Cleanup Pro is fraudulent application for MacOS. It uses deceptive tactic to infiltrate user’s computers, performs fake scan for viruses and errors and always find severe problems, even on brand new machines. It then asks ~$120 for program activation and removal of non-existent viruses. After this Mac Cleanup Pro encourages people to call Premium Techie Support, where real person (probably from India or China) will try to sell additional support plans and applications like Mac Space Reviver, Mac Adware Cleaner, and Unpollute My Mac, that cost from $300 to $600. This is totally scam, and you need to block and chargeback all this transactions. After this, please, perform instructions on this page to remove Mac Cleanup Pro and all residual data, and get software to protect your Mac from malicious applications.