Step-by-Step Malware Removal Instructions

X Layer Vote Rewards Scam
Phishing/Scam

X Layer Vote Rewards Scam

We have inspected the website (app-xlayer[.]com) and found that it aims to trick visitors into connecting their crypto wallets by offering rewards. Victims of this scam can lose their cryptocurrency, as the site uses a malicious tool to drain wallets. Overall, app-xlayer[.]com is not a trustworthy

Lowpedriliks.com Ads
Notification Spam

Lowpedriliks.com Ads

While investigating dubious sites, our researchers discovered the lowpedriliks[.]com rogue page. It is designed to promote browser notification spam and generate redirects to other (likely unreliable/hazardous) websites. Most visitors to lowpedriliks[.]com and similar webpages enter them through

Orderly ($ORDER) Vote Rewards Scam
Phishing/Scam

Orderly ($ORDER) Vote Rewards Scam

"Orderly ($ORDER) Vote Rewards" is a scam discovered by our researchers while browsing suspicious websites. The goal of this fraudulent page is to trick users into exposing their cryptowallets to a cryptocurrency drainer – a mechanism that steals digital assets. It must be emphasized that this sca

Giggle Fund ($GIGGLE) Vote Rewards Scam
Phishing/Scam

Giggle Fund ($GIGGLE) Vote Rewards Scam

Our research team discovered this fake "Giggle Fund ($GIGGLE) Vote Rewards" while investigating suspicious websites. This fraudulent page imitates the official site of the GIGGLE token (giggletoken.com) and promises rewards to early voters who hold the namesake token. The purpose of this scam is t

BeFirst Ransomware
Ransomware

BeFirst Ransomware

Our researchers discovered BeFirst ransomware during a routine inspection of new file submissions to the VirusTotal site. This malicious program is part of the MedusaLocker ransomware family. BeFirst operates by encrypting data in order to demand a ransom for the decryption. After we executed a s

Hyperliquid ($HYPE) Vote Rewards Scam
Phishing/Scam

Hyperliquid ($HYPE) Vote Rewards Scam

While investigating suspect sites, our researchers discovered the "Hyperliquid ($HYPE) Vote Rewards" scam. This page impersonates the official Hyper Foundation website (hyperfoundation.org) and promises rewards to early voters. The goal is to deceive users into exposing their digital wallets to a

ChainOpera AI ($COAI) Airdrop Scam
Phishing/Scam

ChainOpera AI ($COAI) Airdrop Scam

This "ChainOpera AI ($COAI)" airdrop is fake. Our researchers discovered this scam during a routine inspection of suspicious websites. It is presented as the official website of ChainOpera AI (chainopera.ai) and lures users into exposing their cryptowallets to a cryptocurrency drainer. It must be

Onyx Vote Rewards Scam
Phishing/Scam

Onyx Vote Rewards Scam

Our examination of the page (event-onyxs[.]org) has revealed that it is a fake site posing as the original Onyx website (onyx.org). The scammers behind the fraudulent page aim to trick visitors into believing that they can claim rewards, and their intention is to steal cryptocurrency. IMPORT

Fake DappRadar Website Scam
Phishing/Scam

Fake DappRadar Website Scam

We have inspected the website (jayacitakreasindo[.]com) and concluded that it is a scam. It mimics the original DappRadar page (dappradar.com) to appear trustworthy. The purpose of this site is to trick visitors into connecting their wallets, which allows scammers to steal cryptocurrency. IM

FIND Ransomware
Ransomware

FIND Ransomware

Our analysis shows that FIND is ransomware from the Dharma family. We discovered it while inspecting samples submitted to VirusTotal. Once executed, FIND encrypts files and provides two ransom notes (it displays a pop-up window and creates a file named "info.txt"). Also, the ransomware renames fil