Step-by-Step Malware Removal Instructions

HSBC Money Transfer Completed Email Scam
Phishing/Scam

HSBC Money Transfer Completed Email Scam

We have examined this email and concluded it is a phishing scam. The message impersonates HSBC bank, falsely claiming that a large money transfer has been completed from the recipient's account. Its real purpose is to steal email login credentials. This email should be ignored. The email c

Payment Order Award Email Scam
Phishing/Scam

Payment Order Award Email Scam

We have examined this email and concluded it is a scam. The message poses as an official communication from the Federal Reserve Bank, falsely claiming the recipient is entitled to a $10,000,000 payment authorized by the United Nations and World Bank. Scammers use it to harvest personal and financi

Private Financial Transaction Email Scam
Phishing/Scam

Private Financial Transaction Email Scam

We have examined this email and concluded it is a scam. It poses as a personal letter from Ms. Reem Al Hashimy, described as the UAE's Minister of State for Finance, with a request to help transfer over $20 million in oil funds. This is a classic advance-fee fraud aimed at extracting money and per

PamStealer Malware (Mac)
Mac Virus

PamStealer Malware (Mac)

PamStealer is a two-stage information stealer that targets macOS users. According to research published by Jamf Threat Labs, the malware disguises itself as Maccy, a real open-source clipboard manager, to trick victims into running it themselves. The first stage is a compiled AppleScript that d

Mistic Backdoor
Trojan

Mistic Backdoor

Mistic Backdoor is a stealthy backdoor deployed since April 2026 by a threat actor tracked as Woodgnat (also known as KongTuke). According to research by Security.com, it gives attackers persistent, hidden access to infected systems and executes code entirely in memory, leaving few traces on disk.

KuinaExtractor Stealer
Trojan

KuinaExtractor Stealer

KuinaExtractor (also tracked under the alias k0to) is an information stealer written in Rust and first observed in December 2025. According to research by Threatray, the malware has been in active development for at least six months, gaining new capabilities with each update. KuinaExtractor targe

Google Notes Crypto Clipper
Trojan

Google Notes Crypto Clipper

Google Notes Crypto Clipper is a malicious browser extension that pretends to be a simple note-taking tool called "Google Notes." According to research by McAfee Labs, the extension actually works as a clipper, a type of malware that quietly rewrites cryptocurrency wallet addresses copied to the c

Kora Ransomware
Ransomware

Kora Ransomware

Kora is ransomware discovered by our researchers during a routine inspection of new submissions to the VirusTotal website. It encrypts files stored on the victim's machine and demands payment in exchange for decryption. On our test machine, this ransomware encrypted files and appended the ".kora"

Messages Are On Hold Email Scam
Phishing/Scam

Messages Are On Hold Email Scam

After inspecting this email, we determined that it is a phishing scam. It poses as an automated security notification from the recipient's email service, falsely claiming that incoming messages are being held pending verification. The goal is to steal email login credentials by directing recipient

Contract Procurement Email Virus
Phishing/Scam

Contract Procurement Email Virus

Our team has inspected this email and determined it is malspam. The message poses as a business contract procurement notification and prompts recipients to click a link to review a shared document. That link leads to a malicious website that automatically downloads a trojanized file onto the victi