Step-by-Step Malware Removal Instructions

SONIC Airdrop Scam
Phishing/Scam

SONIC Airdrop Scam

We have analyzed this page (alrdrop-0xsonlciabs[.]com) and found that it offers individuals the opportunity to participate in a cryptocurrency giveaway. However, this giveaway and similar sites should not be trusted. It is just a lure designed to trick people into taking actions that may lead to f

Celebfinancenews.com Ads
Notification Spam

Celebfinancenews.com Ads

Celebfinancenews[.]com is a rogue webpage discovered by our researchers during a routine investigation of untrustworthy sites. Upon inspection, we learned that this page endorses browser notification spam and redirects users to different (likely dubious/malicious) websites. The majority of visito

Av-com.co.in Ads
Notification Spam

Av-com.co.in Ads

Our researchers discovered the av-com.co[.]in rogue page while investigating suspect websites. Upon examination, we determined that this webpage promotes browser notification spam and redirects visitors to different (likely unreliable/hazardous) sites. Most users access pages like av-com.co[.]in v

Bestntmads24.com Ads
Notification Spam

Bestntmads24.com Ads

While browsing suspicious sites, our researchers discovered the bestntmads24[.]com rogue page. It is intended to promote spam browser notifications and produce redirects leading to other (likely dubious/dangerous) websites. Users primarily access webpages like bestntmads24[.]com through redirects

Fantom Airdrop Scam
Phishing/Scam

Fantom Airdrop Scam

This "Fantom Airdrop" is fake. We found this scam on phntm-found.pages[.]dev, yet it could be hosted elsewhere. This hoax giveaway is supposedly distributing Fantom (FTM) tokens. Instead, the scheme operates as a cryptocurrency drainer. It must be stressed that this fake "Fantom Airdrop" is in no

Account Validation Email Scam
Phishing/Scam

Account Validation Email Scam

After inspecting this "Account Validation" email, we determined that it is spam. This message claims the recipient risks having their email account permanently disabled unless it is verified. The purpose of this mail is to deceive recipients into disclosing their log-in credentials to a phishing w

Darkadventurer Ransomware
Ransomware

Darkadventurer Ransomware

While inspecting Darkadventurer, we found that it is a ransomware variant based on Chaos ransomware. Darkadventurer encrypts files, appends random extensions to filenames, changes the desktop wallpaper, and drops a ransom note ("read_it.txt" file). An example of how it renames files: it changes "1

$MPEPE PRESALE Scam
Phishing/Scam

$MPEPE PRESALE Scam

Our researchers discovered this fake "$MPEPE PRESALE" while investigating dubious websites. The scam site is supposedly running a presale event for the Mpeppe (MPEPE) memecoin. Instead, it operates as a phishing scam and targets cryptowallet log-in credentials. IMPORTANT NOTE: We do not revi

Unichain Rewards Scam
Phishing/Scam

Unichain Rewards Scam

We found this fake "Unichain Rewards" site – unichain-quest[.]com – (could be hosted elsewhere) while investigating deceptive websites. This scam promises rewards for bridging. Instead of granting any benefits, this fraudulent webpage facilities a crypto drainer. Basically, the scheme steals digit

MANTRA Registration Scam
Phishing/Scam

MANTRA Registration Scam

While investigating suspicious websites, our researchers discovered the "MANTRA Registration" scam (mainnet-mantra[.]trade; could be hosted elsewhere). The scheme promises various rewards for registration, and when users attempt to register – they expose their digital wallets to a cryptocurrency d