Step-by-Step Malware Removal Instructions

The Black Bull ($ANSEM) Airdrop Scam
Phishing/Scam

The Black Bull ($ANSEM) Airdrop Scam

During our investigation of blackbullsolclaim[.]pro, we found that this page promotes a fake cryptocurrency airdrop tied to the Black Bull ($ANSEM) project on Solana. It is designed to trick visitors into connecting their cryptocurrency wallets, which can result in the theft of their digital asset

SSL Certificate Expiration Email Scam
Phishing/Scam

SSL Certificate Expiration Email Scam

We have examined this email and determined it is a phishing scam. It impersonates a fake hosting provider called "Hosting.ssl," falsely claiming the recipient's SSL certificate is about to expire, and directs victims to a fraudulent login page to steal their email account credentials. This email s

Jeckel Ransomware
Ransomware

Jeckel Ransomware

Jeckel is ransomware discovered by our researchers during a routine inspection of new submissions to the VirusTotal website. It encrypts files stored on the victim's computer, appends the .jeckel-lock extension to their names, and changes the desktop wallpaper. A ransom note is also created in a t

Orexin Ransomware
Ransomware

Orexin Ransomware

Orexin is ransomware discovered by our researchers during a routine inspection of VirusTotal. It encrypts files, appends a distinctive extension to their filenames, and delivers ransom demands via a text file and a modified desktop wallpaper. On our test machine, each encrypted file was appended

HSBC Money Transfer Completed Email Scam
Phishing/Scam

HSBC Money Transfer Completed Email Scam

We have examined this email and concluded it is a phishing scam. The message impersonates HSBC bank, falsely claiming that a large money transfer has been completed from the recipient's account. Its real purpose is to steal email login credentials. This email should be ignored. The email c

Payment Order Award Email Scam
Phishing/Scam

Payment Order Award Email Scam

We have examined this email and concluded it is a scam. The message poses as an official communication from the Federal Reserve Bank, falsely claiming the recipient is entitled to a $10,000,000 payment authorized by the United Nations and World Bank. Scammers use it to harvest personal and financi

Private Financial Transaction Email Scam
Phishing/Scam

Private Financial Transaction Email Scam

We have examined this email and concluded it is a scam. It poses as a personal letter from Ms. Reem Al Hashimy, described as the UAE's Minister of State for Finance, with a request to help transfer over $20 million in oil funds. This is a classic advance-fee fraud aimed at extracting money and per

PamStealer Malware (Mac)
Mac Virus

PamStealer Malware (Mac)

PamStealer is a two-stage information stealer that targets macOS users. According to research published by Jamf Threat Labs, the malware disguises itself as Maccy, a real open-source clipboard manager, to trick victims into running it themselves. The first stage is a compiled AppleScript that d

Mistic Backdoor
Trojan

Mistic Backdoor

Mistic Backdoor is a stealthy backdoor deployed since April 2026 by a threat actor tracked as Woodgnat (also known as KongTuke). According to research by Security.com, it gives attackers persistent, hidden access to infected systems and executes code entirely in memory, leaving few traces on disk.

KuinaExtractor Stealer
Trojan

KuinaExtractor Stealer

KuinaExtractor (also tracked under the alias k0to) is an information stealer written in Rust and first observed in December 2025. According to research by Threatray, the malware has been in active development for at least six months, gaining new capabilities with each update. KuinaExtractor targe