Step-by-Step Malware Removal Instructions

Hgml Ransomware
Ransomware

While analyzing malware samples submitted to VirusTotal, we encountered a ransomware variant known as Hgml. This specific ransomware is crafted to encrypt files and modify their filenames by adding the ".hgml" extension. Additionally, Hgml creates a ransom note that can be found within a file name

Hgkd Ransomware
Ransomware

During our examination of malware samples on the VirusTotal page, we came across the Hgkd ransomware, which is part of the Djvu family. When this ransomware infiltrates a computer, it encrypts data and appends the ".hgkd" extension to filenames. For instance, a file named "1.jpg" becomes "1.jpg.hg

Systemsecurity.click Ads
Notification Spam

While investigating suspect sites, our research team found the systemsecurity[.]click webpage. It is designed to promote scams and browser notification spam. This page can also redirect visitors to other (likely unreliable/dangerous) websites. Users predominantly access systemsecurity[.]click and

Dragon Baby Browser Hijacker
Browser Hijacker

Our researchers discovered the Dragon Baby browser extension during a routine inspection of deceptive webpages. After analyzing this piece of software, we determined that it is a browser hijacker. Dragon Baby makes changes to browser settings in order to promote the dragonboss.solutions fake sear

Error Code: W9KA528V POP-UP Scam
Phishing/Scam

Our research team discovered the "Error Code: W9KA528V" technical support scam during a routine investigation of untrustworthy websites. It is presented as a warning from Microsoft Windows stating that the user's system has been blocked due to security concerns. This scam aims to trick victims int

AdvancedUpdater Adware (Mac)
Mac Virus

After assessing the AdvancedUpdater application, we have noticed that it frequently displays intrusive ads. Apps of this type are categorized as adware. Users often install applications like AdvancedUpdater without fully comprehending the potential repercussions they could face. Adware-t

Nehmeh Purchase Order Email Scam
Phishing/Scam

Our examination of the "Nehmeh Purchase Order" email revealed that it facilitates a phishing scam. The recipient is requested to review the specifications of a potential purchase provided in the attachment. The attached file targets email account log-in credentials. It must be stressed that this

RDP Stealer
Trojan

RDP stealer is a malicious program that targets Remote Desktop Protocol (RDP) log-in credentials. Its developers are offering this stealer for sale on the Web. Hence, how this malware is distributed depends on the cyber criminals using it at the time. This stealer targets specific informat

ParaceratheriumBugtiense Malicious Extension
Adware

In the course of our examination of the ParaceratheriumBugtiense browser extension, we came across troubling activities, including the activation of the "Managed by your organization" function in Chrome settings and the collection of user data. Our encounter with ParaceratheriumBugtiense stemmed f

Loda RAT
Trojan

Loda, a remote access trojan (RAT), has remained actively employed by various threat actors since 2016. Its capabilities encompass activities like password theft, collecting sensitive data, keylogging, screen capture, and disseminating additional malicious payloads. Typically, Loda is delivered vi