Step-by-Step Malware Removal Instructions

Email Service Enhancement Scam
Phishing/Scam

We have inspected the email and concluded that it is a fake from "IT Software Operator" regarding the activation of upgraded mailbox storage. The scammers behind this fraudulent email aim to extract personal information from recipients through a deceptive page. Such emails are classified as phishi

VShell Malware (Mac)
Mac Virus

VShell is a piece of malicious software with backdoor, RAT (Remote Access Trojan), and injector abilities. This program can cause chain infections and execute commands on infected machines. VShell is highly compatible, as it can infiltrate payloads for Mac (macOS), Windows, and Linux operating s

SNOWLIGHT Malware (Mac)
Mac Virus

SNOWLIGHT is malware that targets Mac operating systems (macOS). It acts as a dropper (i.e., can cause chain infections) and has been observed being used to infiltrate the VShell malware into compromised devices. The SNOWLIGHT dropper has been used by a threat actor tracked as "UNC5174". It is

Stealc_v2 Stealer
Trojan

Stealc_v2 is the second version of the Stealc stealer-type malware. This new variant was released in April 2025. Stealc_v2 is written in the C++ programming language. This malicious program is designed to extract and exfiltrate vulnerable data from infected systems and installed apps. At the time

Hudson Ransomware
Ransomware

Our researchers discovered Hudson ransomware while investigating new submissions to the VirusTotal website. This type of malware encrypts victims' files and demands ransoms for the decryption. After we executed a sample of Hudson ransomware on our testing system, it encrypted files and appended t

Binance - Urgent Security Alert Email Scam
Phishing/Scam

Our inspection of the "Binance - Urgent Security Alert" email revealed that it is spam. This phishing message claims a suspicious sign-in attempt has been detected on the recipient's Binance account. By trying to investigate the supposed sign-in, users are lured into disclosing their account log-

Mosdefender.co.in Ads
Notification Spam

Our researchers discovered the mosdefender.co[.]in rogue page while investigating dubious websites. This webpage is designed to promote browser notification spam and redirect users to other (likely untrustworthy/malicious) websites. Most visitors to mosdefender.co[.]in and similar pages access the

Beraborrow ($BERA) Rewards Scam
Phishing/Scam

During a routine investigative session, our research team discovered a fake "Beraborrow ($BERA) Rewards" website. It masquerades as Beraborrow (beraborrow.com) running a poll, the participants of which can receive rewards. The scam site aims to deceive users into exposing their digital wallets to

Hero Ransomware
Ransomware

Hero is ransomware discovered by our researchers during a routine inspection of new file submissions to VirusTotal. This malicious program is part of the Proton ransomware family. Malware within this classification encrypts data and demands payment for the decryption. On our testing system, Her

Forgive Ransomware
Ransomware

Our researchers discovered Forgive ransomware while browsing new submissions to the VirusTotal website. This malicious program encrypts files and demands ransoms for the decryption. After we executed a sample of Forgive on our test machine, it encrypted files and added a ".forgive" extension to t