Step-by-Step Malware Removal Instructions

MgBot Malware
Trojan

MgBot Malware

MgBot is a malware framework. It is capable of causing chain infections (i.e., downloading/installing additional malicious programs or components). Additionally, this framework supports multiple plug-ins that are geared toward data exfiltration. MgBot has been used in an attack on an African tele

Top-search.xyz Redirect
Browser Hijacker

Top-search.xyz Redirect

Our examination has revealed that top-search.xyz is a fake search engine. Such search engines are usually promoted through browser hijackers, which users unknowingly install on computers or add to browsers as apps. As a result, the browser settings are modified without their knowledge or consent.

Fleckpe Trojan (Android)
Trojan

Fleckpe Trojan (Android)

Fleckpe is a recently discovered Android Trojan family found on Google Play, which secretly subscribes victims to paid services. This Trojan primarily affects users in Thailand. It has been active since the start of 2022 and is continuously updated with new capabilities. Cybercriminals can

Oneettinlive.com Ads
Notification Spam

Oneettinlive.com Ads

While examining websites that utilize illegitimate advertising networks, our team found oneettinlive[.]com, an untrustworthy webpage that presents visitors with deceitful material to trick them into enabling browser notifications. Typically, users do not intentionally visit sites like oneettinlive

Quick Close Tab Adware
Adware

Quick Close Tab Adware

While testing the Quick Close Tab extension, we found that it is supposed to close the current tab in a context menu but shows advertisements. Thus, we classified Quick Close Tab as adware. It is worth noting that our team discovered Quick Close Tab on a deceptive website. Usually, apps li

Foty Ransomware
Ransomware

Foty Ransomware

During our examination of malware samples submitted to VirusTotal, we came across a ransomware variant belonging to the Djvu family, dubbed Foty. This ransomware encrypts files and adds the ".foty" extension to the filenames. Additionally, Foty also leaves a ransom note file called "_readme.txt".

Nongloths.com Ads
Notification Spam

Nongloths.com Ads

Our research team discovered the nongloths[.]com rogue page while inspecting suspicious websites. It is designed to promote spam browser notifications and redirect users to different (likely unreliable/dangerous) sites. Users typically enter webpages like nongloths[.]com through redirects caused b

Nkingwitheaam.com Ads
Notification Spam

Nkingwitheaam.com Ads

Nkingwitheaam[.]com is a rogue website that we discovered during a routine inspection of suspicious pages. It is designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/harmful) sites. Users typically access webpages like nkingwitheaam[.]com via redirects

Tropical Horizons Wallpapers Browser Hijacker
Browser Hijacker

Tropical Horizons Wallpapers Browser Hijacker

Our researchers found the Tropical Horizons Wallpapers browser extension while inspecting deceptive websites. This piece of software promises to display tropics-themed wallpapers. However, our investigation revealed that Tropical Horizons Wallpapers operates as a browser hijacker, i.e., it makes a

Improvements To All Our e Mail Servers Scam
Phishing/Scam

Improvements To All Our e Mail Servers Scam

Our inspection of the "Improvements To All Our e Mail Servers" email revealed that it is spam. It falsely claims that the mail servers are undergoing upgrades, which if not implemented – will result in the recipient's email account getting deactivated. This scam letter aims to steal account log-in