Step-by-Step Malware Removal Instructions

Sales Contract Email Scam
Phishing/Scam

Upon reviewing this letter, we have determined that it is a phishing email aimed at obtaining sensitive information from its recipients. The email includes an attachment that leads to a fraudulent website. It is disguised as a letter regarding a sales contract from the Sea Map Group. This

Fast-redirectus.xyz Ads
Notification Spam

Fast-redirectus[.]xyz is the address of a rogue webpage that we discovered while inspecting untrustworthy sites. This page is designed to promote spam browser notifications and redirect users to other (likely dubious/malicious) websites. Most visitors to webpages like fast-redirectus[.]xyz access

MgBot Malware
Trojan

MgBot is a malware framework. It is capable of causing chain infections (i.e., downloading/installing additional malicious programs or components). Additionally, this framework supports multiple plug-ins that are geared toward data exfiltration. MgBot has been used in an attack on an African tele

Top-search.xyz Redirect
Browser Hijacker

Our examination has revealed that top-search.xyz is a fake search engine. Such search engines are usually promoted through browser hijackers, which users unknowingly install on computers or add to browsers as apps. As a result, the browser settings are modified without their knowledge or consent.

Fleckpe Trojan (Android)
Trojan

Fleckpe is a recently discovered Android Trojan family, found on Google Play, that secretly subscribes victims to paid services. This Trojan primarily affects users in Thailand. It has been active since the start of 2022 and is continuously updated with new capabilities. Cybercriminals can

Oneettinlive.com Ads
Notification Spam

While examining websites that utilize illegitimate advertising networks, our team found oneettinlive[.]com, an untrustworthy webpage that presents visitors with deceitful material to trick them into enabling browser notifications. Typically, users do not intentionally visit sites like oneettinlive

Quick Close Tab Adware
Adware

While testing the Quick Close Tab extension, we found that it is supposed to close the current tab in a context menu but shows advertisements. Thus, we classified Quick Close Tab as adware. It is worth noting that our team discovered Quick Close Tab on a deceptive website. Usually, apps li

Foty Ransomware
Ransomware

During our examination of malware samples submitted to VirusTotal, we came across a ransomware variant belonging to the Djvu family, dubbed Foty. This ransomware encrypts files and adds the ".foty" extension to the filenames. Foty also leaves a ransom note file called "_readme.txt".

Nongloths.com Ads
Notification Spam

Our research team discovered the nongloths[.]com rogue page while inspecting suspicious websites. It is designed to promote spam browser notifications and redirect users to different (likely unreliable/dangerous) sites. Users typically enter webpages like nongloths[.]com through redirects caused b

Nkingwitheaam.com Ads
Notification Spam

Nkingwitheaam[.]com is a rogue website that we discovered during a routine inspection of suspicious pages. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/harmful) sites. Users typically access webpages like nkingwitheaam[.]com via redirects