Step-by-Step Malware Removal Instructions

AttackFiles Ransomware
Ransomware

AttackFiles Ransomware

While analyzing new submissions to VirusTotal, our research team discovered the AttackFiles malicious program. It belongs to the MedusaLocker ransomware family. Software within this category is designed to encrypt files in order to demand ransoms for their decryption. When we launched a sample of

Trezor Hardware Scam
Phishing/Scam

Trezor Hardware Scam

In our investigation of the website, we found it to be a phishing site posing as trezor[.]io. This scam platform aims to deceive users into divulging personal information with the intention of stealing cryptocurrency wallets and draining funds. Therefore, users should refrain from providing any in

$EBC Ransomware
Ransomware

$EBC Ransomware

$EBC is ransomware designed to prevent victims from accessing files. Upon infiltration, $EBC encrypts files, appends the ".$EBC" extension to filenames, and displays a full-screen ransom note. An example of how $EBC modifies filenames: it changes "1.jpg" to "1.jpg.$EBC", "2.png" to "2.png.$EBC", a

Creso Rewards Scam
Phishing/Scam

Creso Rewards Scam

Our analysis uncovered evidence that the Creso Rewards site is operating as a fraudulent entity, presenting itself as an authentic platform (creso[.]io). This deceptive mimicry indicates that the scam is designed to exploit the credibility and reputation of the legitimate Creso platform to deceive

SAGA AIRDROP Scam
Phishing/Scam

SAGA AIRDROP Scam

Upon our examination, we discovered that the SAGA airdrop (giveaway) is a scam. It is orchestrated by scammers who seek to deceive individuals into believing they can obtain free cryptocurrency. However, their true intention is to steal cryptocurrency from unsuspecting victims. Thus, this SAGA air

Cosmicnewspulse.com Ads
Notification Spam

Cosmicnewspulse.com Ads

After analyzing cosmicnewspulse[.]com, we have concluded that it is an untrustworthy website employing clickbait tactics to coax visitors into enabling notifications. Additionally, we found that cosmicnewspulse[.]com has the potential to redirect users to other questionable websites. Therefore, it

AgentLocator Adware (Mac)
Mac Virus

AgentLocator Adware (Mac)

While reviewing file submissions to the VirusTotal website, our research team discovered the AgentLocator application. Upon examination, we determined that it is adware. This app is part of the AdLoad malware family. Advertising-supported software generates revenue for its developers through ad

Solana Mobile Scam
Phishing/Scam

Solana Mobile Scam

The "Solana Mobile" scam mimics the official Solana subsidiary's website of the same name. It lures users into exposing their cryptowallets to a drainer. These types of scams are intended to pilfer cryptocurrency from victims' wallets. This scheme imitates the legitimate website of Solana

Claim $PRCL Scam
Phishing/Scam

Claim $PRCL Scam

"Claim $PRCL" refers to scam websites mimicking official Parcl-related platforms. These sites offer PRCL tokens in bogus airdrops, allocations, giveaways, or presale events. The scam aims to trick users into exposing their digital wallets to a cryptocurrency drainer designed to empty them of fund

XploitSPY Malware (Android)
Trojan

XploitSPY Malware (Android)

XploitSPY is an Android-specific malware. This program is based on the L3MON RAT (Remote Access Trojan). XploitSPY has extensive data-stealing functionalities and has been observed infiltrating devices bundled with various legitimate-looking applications. This malware has been around since at lea