Step-by-Step Malware Removal Instructions

Make Aliens Great Again ($MAGA) Allocation Scam
Phishing/Scam

Make Aliens Great Again ($MAGA) Allocation Scam

We have inspected the website (makealiensgreatagain[.]app) and found that it is a copy of the original Make Aliens Great Again platform (makealiensgreatagain.com). The fraudulent version is designed to steal cryptocurrency from victims through a malicious tool. It should be avoided to prevent fina

GitHub Archive Downloader Scam
Potentially unwanted application

GitHub Archive Downloader Scam

Our team has determined that this is a scam involving a legitimate website (GitHub platform) and a fake application uploaded to it. The distributed application is flagged as malicious by multiple security vendors. Thus, installing it may lead to identity theft, financial loss, or other issues. Use

Net Ransomware
Ransomware

Net Ransomware

Net is ransomware that we uncovered while examining malware samples submitted to VirusTotal. After execution, Net makes files inaccessible by encrypting them. Also, the ransomware appends the ".net6" extension to files (the number in it may vary) and provides a ransom note ("Recovery_Instructions.

notnullOSX Malware (Mac)
Mac Virus

notnullOSX Malware (Mac)

notnullOSX is an information stealer written in the Go programming language. It targets macOS users and is used to steal cryptocurrency from victims. Threat actors distribute notnullOSX using a ClickFix technique and infected DMG files. If this malware gets detected on a device, it should be rem

Hir.harvard.edu ClickFix Malware
Trojan

Hir.harvard.edu ClickFix Malware

Our team has discovered that cybercriminals compromised the official Harvard website (hir.harvard.edu) and injected ClickFix. By exploiting access to a trusted, reputable domain, the attackers were able to host malicious content that appears legitimate, increasing the likelihood that visitors woul

Social Security Administration (SSA) eStatement Email Scam
Phishing/Scam

Social Security Administration (SSA) eStatement Email Scam

We have examined the message and determined that it is designed to deceive recipients into believing that they have to review their accounts as soon as possible. This scam email includes a link to a phishing website. Typically, scams like this are used to harvest personal information. This and sim

RAM Shipment On Hold Email Scam
Phishing/Scam

RAM Shipment On Hold Email Scam

We have inspected the email and found that it is designed to look like a delivery update from a legitimate company. However, this message is fraudulent, as it contains fake details and includes a link to a deceptive page. The scammers behind this email likely seek to steal money and personal infor

STX RAT
Trojan

STX RAT

STX is a remote access Trojan (RAT) that cybercriminals were observed spreading through fake or trojanized software installers. The RAT steals passwords, browser data, crypto-wallet details, and other sensitive information after connecting to its command-and-control server. It also uses anti-detec

Hnx911 Ransomware
Ransomware

Hnx911 Ransomware

Hnx911 is ransomware from the Xorist family. Our team discovered it during an inspection of malware samples uploaded to VirusTotal. Once executed, Hnx911 encrypts the victim's files and appends the ".hnx911" extension. It also creates a ransom note "HOW TO DECRYPT FILES.txt" and displays another o

Cloud Storage Plan Has Been Paused Email Scam
Phishing/Scam

Cloud Storage Plan Has Been Paused Email Scam

Our team has reviewed the email and found that it is disguised as a notification regarding the recipient's cloud storage plan. It urges the recipient to solve the "issue" through the provided link as soon as possible. The included link leads to deceptive websites. This scam email should be ignored