Step-by-Step Malware Removal Instructions

MMXXII Ransomware
Ransomware

MMXXII Ransomware

While inspecting new submissions to VirusTotal, our research team discovered the MMXXII ransomware. This malicious program is part of the Phobos ransomware family. After executing a sample of MMXXII on our test system, it began encrypting files and altering their filenames. The titles of the affe

CapraRAT Malware (Android)
Trojan

CapraRAT Malware (Android)

CapraRAT is the name of an Android remote access trojan (RAT), possibly a modified version of another (open-source) RAT called AndroRAT. It is known that CapraRAT is used by an advanced persistent threat group (ATP) called APT36 (also known as Earth Karkaddan). CapraRAT allows attackers to perform

Ourhugenews.com Ads
Notification Spam

Ourhugenews.com Ads

Ourhugenews[.]com is a rogue webpage discovered by our researchers during a routine investigation of suspicious sites. This page promotes browser notification spam and redirects visitors to other (likely unreliable/dangerous) websites. Users typically access such pages via redirects caused by site

Your PayPal Account Is Temporarily Limited Email Scam
Phishing/Scam

Your PayPal Account Is Temporarily Limited Email Scam

After examining this email, we concluded that it is a fake letter from PayPal regarding account status. It is sent by scammers who aim to trick recipients into providing sensitive information. This email contains a link that opens a phishing website (a fake PayPal page asking to provide login cred

OkHacked Ransomware
Ransomware

OkHacked Ransomware

Our researchers found the OkHacked ransomware during a routine inspection of new submissions to VirusTotal. This malicious program is based on the Chaos ransomware, and it is designed to encrypt data and demand payment for the decryption. After we executed a sample of OkHacked on our test machine

Netlock Ransomware
Ransomware

Netlock Ransomware

Netlock is ransomware designed to encrypt files, append the ".netlock" extension to filenames, and create the "how_to_back_files.html" file that contains a ransom note. Our team discovered Netlock while examining samples submitted to the VirusTotal page. We also found that Netlock is part of the M

PayPal - Your Order Is Already Processed Email Scam
Phishing/Scam

PayPal - Your Order Is Already Processed Email Scam

After inspecting the "PayPal - Your Order Is Already Processed" email, we determined that it is spam. This fake email is presented as a notification from PayPal informing the recipient of a successfully processed order. This mail aims to trick users into calling the provided telephone number and e

NativeSimply Adware (Mac)
Mac Virus

NativeSimply Adware (Mac)

While testing the NativeSimply application, our team learned that it generates intrusive advertisements to promote various websites and apps. Software that shows ads is called adware (or advertising-supported software). We discovered NativeSimply after using a fake installer downloaded from a sh

Sopuw.click Ads
Notification Spam

Sopuw.click Ads

While examining sopuw[.]click, we learned that it promotes legitimate software in a deceptive way (it displays fake virus warnings) and asks for permission to show notifications. Our team discovered sopuw[.]click while inspecting websites that use rogue advertising networks. Users rarely visit pag

LegionSuites Adware (Mac)
Mac Virus

LegionSuites Adware (Mac)

LegionSuites is an application that generates revenue for its developer by bombarding users with various advertisements. Software of this type is called adware. We discovered LegionSuites after examining a fake installer that is supposed to update the Adobe Flash Player. We classified Le