Step-by-Step Malware Removal Instructions

PepeFork ($PORK) Registration Scam
Phishing/Scam

PepeFork ($PORK) Registration Scam

We have inspected the PepeFork ($PORK) Registration site (porkcoin[.]support) and found that it is a scam website mimicking the original pond0x[.]com and pondcoin[.]com websites. The fraudulent site is created by scammers with the intention of stealing cryptocurrency from unsuspecting individuals.

Robaj Ransomware
Ransomware

Robaj Ransomware

While inspecting new file submissions to the VirusTotal platform, our researchers discovered the Robaj ransomware. After this malware was executed on our testing system, it encrypted files and dropped a ransom note – "readme.txt" – demanding payment for the decryption. The locked files had their

Merlin Swap Airdrop Scam
Phishing/Scam

Merlin Swap Airdrop Scam

Upon closer inspection of the site (mage-airdrop-merlinchain[.]com), we identified that it is a deceptive website promoting a fake cryptocurrency giveaway (airdrop). This scam page is presented as the number one decentralized exchange in the Bitcoin ecosystem. Scammers use this website to steal cr

Blaster Token ($BLSTR) Early Access Scam
Phishing/Scam

Blaster Token ($BLSTR) Early Access Scam

After inspecting this "Blaster Token ($BLSTR) Early Access" airdrop, we determined that it is a scam. This scheme was hosted on added-ones[.]info, and it claims to be distributing Blaster tokens (BLSTR). It operates as a cryptocurrency drainer that steals funds from compromised digital wallets. I

Tuborg Ransomware
Ransomware

Tuborg Ransomware

In the process of reviewing the malware, it became apparent that Tuborg is ransomware (not associated with the Tuborg Brewery in any way) designed to encrypt files. We discovered Tuborg ransomware while examining malware samples submitted to VirusTotal. In addition to encrypting files, Tuborg chan

Dog RuneStone Airdrop Scam
Phishing/Scam

Dog RuneStone Airdrop Scam

During an analysis of the site (airdrop-doggotothemoon[.]xyz), it has come to our attention that it is a scam website promoting a fake Dog RuneStone airdrop (a cryptocurrency giveaway). The scammers behind this page aim to trick potential participants into believing they can receive free cryptocur

Mydotheblog.com Ads
Notification Spam

Mydotheblog.com Ads

Our researchers found the mydotheblog[.]com rogue page while investigating untrustworthy websites. After inspecting it, we determined that this webpage promotes browser notification spam and redirects users to other (likely dubious/dangerous) sites. Users most commonly enter pages like mydotheblo

Quote For The Attached Products Email Scam
Phishing/Scam

Quote For The Attached Products Email Scam

Upon examination, we determined that the "Quote For The Attached Products" email is spam. It is presented as a potential purchase inquiry that directs users into accessing a nonexistent attachment. The goal of the spam mail is to redirect recipients to a phishing website that targets log-in creden

British American Tobacco Company Promotion Email Scam
Phishing/Scam

British American Tobacco Company Promotion Email Scam

After reading the "British American Tobacco Company Promotion" email, we determined that it is spam. The scam letter claims that the recipient was selected as a winner in a promotion supposedly held by the British American Tobacco company. It must be stressed that this prize is nonexistent, nor h

$SAFE Token Airdrop Scam
Phishing/Scam

$SAFE Token Airdrop Scam

After investigating this "$SAFE Token Airdrop", as promoted on the blackpanther-claim[.]network webpage, we determined that it is a scam. It imitates the Safe platform (safe.global) running an airdrop with the goal of luring victims into exposing their digital wallets to a cryptocurrency drainer.