Step-by-Step Malware Removal Instructions

Device Locked Due To Access To Illegal Content Scam
Phishing/Scam

Device Locked Due To Access To Illegal Content Scam

"Device Locked Due To Access To Illegal Content" is a multilingual scam claiming that users' devices have been blocked due to repeated access to online resources containing illegal pornographic content. The goal is to deceive victims into paying a bogus fine – sending money to scammers. It must be

BAGAJAI Ransomware
Ransomware

BAGAJAI Ransomware

BAGAJAI is a ransomware-type program discovered by our researchers while reviewing new submissions to the VirusTotal website. This malicious program is part of the MedusaLocker ransomware family. Malware within this classification operates by encrypting data in order to demand a ransom for decrypt

PROMPTSTEAL Malware
Trojan

PROMPTSTEAL Malware

PROMPTSTEAL is a malicious program designed to steal information. It is written in the Python programming language. This data miner is a novel malware that utilizes generative AI to create malicious commands during execution. PROMPTSTEAL has been used by FROZENLAKE (also known as APT28) – a threa

Upectaevie.com Ads
Notification Spam

Upectaevie.com Ads

We have examined upectaevie[.]com and determined that it uses clickbait to trick visitors into consenting to receive its notifications. Once this permission is given, upectaevie[.]com starts showing bogus warnings and other deceptive notifications. The purpose of upectaevie[.]com is to promote oth

Fantasy Hub RAT (Android)
Trojan

Fantasy Hub RAT (Android)

Fantasy Hub is a Remote Access Trojan (RAT) targeting Android devices. The malware is sold as Malware-as-a-Service and is capable of controlling infected devices, exfiltrating messages, contacts, and media, and intercepting or manipulating incoming notifications. Fantasy Hub should be removed from

Antombly.co.in Ads
Notification Spam

Antombly.co.in Ads

Our team has checked antombly.co[.]in and found that it uses a misleading technique (known as clickbait) to trick visitors into granting it permission to send notifications. If the site obtains this permission, it can show fake warnings and other deceptive messages to promote other unsafe pages.

SpaceSix Unwanted Application
Potentially unwanted application

SpaceSix Unwanted Application

Our inspection has revealed that SpaceSix is an unwanted application, as it has been flagged as malicious by multiple security vendors. Also, the app has no clear functionality. Installing SpaceSix on devices can lead to privacy and security risks. Thus, users are advised to avoid this and similar

Phantom (Hidden Tear) Ransomware
Ransomware

Phantom (Hidden Tear) Ransomware

During an examination of malware samples uploaded to VirusTotal, we discovered Phantom, a ransomware developed using an open-source ransomware project known as Hidden Tear. Once executed, Phantom encrypts files and appends its extension (".Phantom") to files. For instance, it renames "1.jpg" to "1

Giggle Fund ($GIGGLE) Airdrop Scam
Phishing/Scam

Giggle Fund ($GIGGLE) Airdrop Scam

Our analysis has revealed that this website (gigglepartners[.]xyz) is a copy of the GiggleFund web page (giggletoken.com). The purpose of this fake page is to steal cryptocurrency from victims. Like most scams of this type, it offers free cryptocurrency as a lure. Users should avoid interacting wi

SecurePass Unwanted Application
Potentially unwanted application

SecurePass Unwanted Application

While browsing dubious websites, our research team found the SecurePass PUA (Potentially Unwanted Application). It is presented as a tool capable of creating secure passwords and checking their strength. Unwanted apps are distributed using questionable or downright deceptive methods, and they ofte