Virus and Spyware Removal Guides, uninstall instructions

What kind of scam is "Someone matched with you on Tinder!"?

Our team has analyzed this email and found that it is a fake email notification from Tinder claiming that someone has matched with you. It is worth mentioning that Tinder actually sends such notifications to its users. However, this one is sent by scammers who attempt to trick users into opening a deceptive page.

What kind of malware is Tuid?

Our malware researchers have discovered a new Djvu ransomware variant called Tuid (it was found while checking malware samples submitted to the VirusTotal page). This variant encrypts files, appends the ".tuid" extension to filenames, and creates a ransom note (it generates a text file named "_readme.txt").

An example of how files encrypted by Tuid are modified: "1.jpg" is renamed to "1.jpg.tuid", "2.png" is renamed to "2.png.tuid", and so forth.

What kind of malware is Putin_Huilo_NoWar?

Putin_Huilo_NoWar is ransomware that our team has discovered while checking the VirusTotal page for submitted malware samples. While analyzing this ransomware, we noticed that it did not encrypt our files (but may encrypt files stored on other computers). Also, Putin_Huilo_NoWar displayed a pop-up window with a ransom note in it (written in the Russian language).

What kind of scam is "Binance email scam"?

After analyzing this email scam, we concluded that it is a phishing email used to steal sensitive information. Scammers behind it pretend to be the Binance team. Their goal is to trick users into believing that they can receive 0.10 BNB tokens for linking their wallet with a Binance account via the provided website.

What kind of scam is "Your card was added to Apple pay"?

It is a phishing scam used to trick unsuspecting users into providing credit card details. Scammers use a deceptive website disguised as the official Apple page to extract information. That site is promoted using other pages that use rogue advertising networks and mobile text messages (smishing messages).

What is the Raiffeisen Bank email scam?

Our team has analyzed this email and found that it is disguised as a letter from a bank called Raiffeisen (a legitimate banking company). It is written in the Czech language and contains a website link. Scammers behind it attempt to trick recipients into providing sensitive information on a deceptive page.

What kind of application is mini dark?

We have discovered the mini dark browser extension while examining deceptive websites. After downloading and installing this app, we learned that it operates as a browser hijacker. It changes the settings of a web browser to promote a fake search engine (getsins.com). Thus, the mini dark is not a trustworthy browser extension.

What kind of malware is Borat?

Borat is the name of a remote access Trojan (RAT). Cybercriminals use RATs to obtain access and remote control on the infected computers. The Borat RAT can be used to deliver ransomware, log keystrokes, perform DDoS attacks, steal login credentials from browsers, and more.

What kind of malware is RED TEAM?

RED TEAM is ransomware that we have discovered while examining the malware samples submitted to VirusTotal. It was found that this ransomware belongs to the Babuk family. It encrypts files, appends the ".REDTM" extension to filenames, and creates the "HowToDecryptYourFiles.txt" file (a ransom note).

An example of how the RED TEAM ransomware modifies filenames: it changes "1.jpg" to "1.jpg.REDTM", "2.png" to "2.jpg.REDTM", "3.exe" to "3.exe.REDTM", and so forth.

What kind of malware is Bec?

Bec is the name of a new Sojusz ransomware variant. After examining this variant, we found that it encrypts files, appends a string of random characters, the beacon@jitjat.org email address, and ".bec" extension to filenames. It also creates the "!!!HOW_TO_DECRYPT!!!.txt" file that contains a ransom note.

An example of how Bec ransomware renames files: it renames "1.jpg" to "1.jpg.[fd4702551a].[beacon@jitjat.org].bec", "2.png" to "2.png.[fd4702551a].[beacon@jitjat.org].bec", and so forth.