Virus and Spyware Removal Guides, uninstall instructions

Mailbox Restriction Notice Email Scam

What kind of email is "Mailbox Restriction Notice"?

After examining the "Mailbox Restriction Notice" email, we determined that it is spam used to run a phishing scam. This letter makes false claims regarding the suspension of the recipient's email account due to a lack of storage space. The aim is to promote a phishing site targeting email account log-in credentials.

Buhti Ransomware

What kind of malware is Buhti?

Buhti is ransomware targeting both Windows and Linux systems. The Buhti ransomware payload, designed to target Windows computers, is a variant of the previously leaked LockBit 3.0 ransomware with minor modifications. In order to attack Linux systems, Buhti ransomware utilizes a modified version of the leaked Babuk ransomware.

Buhti encrypts files and replaces their filenames with a string of random characters, and appends the victim's ID as their extension. For instance, it replaces "1.jpg" with "4G8of7O.fxkJts2wg", "2.png" with "HePwiFM.fxkJts2wg", and so forth. Buhti also drops a ransom note named "[victim's_ID].README.txt".

Kraken Keylogger

What kind of malware is Kraken?

Kraken is a malware that empowers threat actors to illicitly acquire diverse sensitive information from different web browsers and applications. The creators of Kraken offer it for sale on a hacker forum, with pricing options of $29 for 30 days, $49 for 90 days, and $69 for 180 days. Cybercriminals have been observed distributing Kraken through email. Ads

What kind of page is koddams[.]xyz?

Koddams[.]xyz is a rogue page that we discovered during a routine inspection of untrustworthy websites. It attempts to deceive visitors into enabling its browser notification delivery. Additionally, this webpage can redirect users to different (likely dubious/malicious) sites.

Most visitors to pages like koddams[.]xyz enter them through redirects generated by websites using rogue advertising networks.

EXISC Ransomware

What kind of malware is EXISC?

EXISC is a ransomware-type program that we discovered while investigating new submissions to the VirusTotal site. It is designed to encrypt data and demand payment for its decryption.

After we executed a sample of this ransomware on our testing system, it encrypted files and appended their titles with a ".EXISC" extension. For example, an original filename such as "1.jpg" appeared as "1.jpg.EXISC", "2.png" as "2.png.EXISC", etc.

Afterwards, EXISC created a ransom note named "Please Contact Us To Restore.txt"; based on the message therein, it is evident that this ransomware targets large entities rather than home users. Ads

What kind of page is topsadrettin[.]com?

During our analysis of topsadrettin[.]com, we identified that the website exhibits a deceptive message and prompts visitors to grant permission to display notifications. Moreover, topsadrettin[.]com has the potential to redirect users to other dubious websites. We encountered topsadrettin[.]com while investigating sites that utilize shady advertising networks. Ads

What kind of page is[.]in?

During our investigation of[.]in, our team uncovered its use of deceptive content designed to deceive visitors into subscribing to push notifications. Additionally,[.]in may lead to other shady websites. Our encounter with[.]in occurred while examining various pages that use rogue advertising networks. Ads

What kind of page is tophome24[.]com?

During our examination of tophome24[.]com, we observed its intention to display untrustworthy notifications. Tophome24[.]com employs a misleading message designed to entice visitors into granting permission to receive its notifications. Our discovery of tophome24[.]com occurred while investigating other suspicious websites. Ads

What kind of page is valeuceplangka[.]com?

In the course of our investigation into suspicious advertising networks, our team encountered valeuceplangka[.]com. This website is purposefully created to trick users into subscribing to its notifications and may be able to redirect visitors to other shady pages. It is rare for users to visit such pages intentionally. Ads

What kind of page is rondureblog[.]com?

We discovered the rondureblog[.]com page during a routine investigation of dubious websites. It promotes browser notification spam and redirects users to other (likely untrustworthy/hazardous) sites. Most visitors to rondureblog[.]com and similar webpages access them via redirects generated by sites that use rogue advertising networks.


Page 9 of 1854

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal