Virus and Spyware Removal Guides, uninstall instructions

What kind of page is hijnis[.]sbs?

Our researchers discovered the hijnis[.]sbs rogue page while investigating untrustworthy websites. After examining the webpage, we learned that it endorses scams and spam browser notifications. Additionally, hijnis[.]sbs can produce redirects to different (likely unreliable/harmful) sites.

The majority of visitors to pages like hijnis[.]sbs access them through redirects caused by websites utilizing rogue advertising networks. Alternative ways of access include intrusive ads, spam notifications, mistyped URLs, and installed adware.

What kind of email is "Signed Invoice"?

After inspecting this "Signed Invoice" email, we determined that it is spam. The message claims that the recipient could not be otherwise contacted, so they have been sent the invoice via email. This is a phishing campaign that targets email account log-in credentials through fake document-sharing websites.

What is the fake "Exodus Clear Signing Activation" website?

Our researchers found this "Exodus Clear Signing Activation" scam during a routine investigative session. We discovered it on exodus-clearsigning[.]com, but it could be hosted elsewhere. This scheme impersonates the official website of the Exodus cryptocurrency wallet – exodus.com. The fake page is a phishing website that targets digital wallet log-in credentials (passphrases).

What kind of malware is JinxLoader?

JinxLoader is a cross-platform loader written in the Go programming language that targets Windows and Linux operating systems. It is designed to create botnets and cause further system infections.

JinxLoader has first been observed in the Autumn of 2023. After a suspected code sale to two threat actors, an updated variant of this malware and a full rewrite in C++ programming language – named Astolfo – were released. All iterations of JinxLoader were offered as MaaS (Malware-as-a-Service); i.e., they are offered for sale/rent to aspiring cyber criminals.

What is "Mantle Rewards Station"?

We have examined the page (rewards.mantleweb3[.]xyz) and learned that it is a scam website. It is designed to appear like the real site (mantle.xyz) and trick users into taking action that could result in cryptocurrency theft. Users should be careful when encountering such pages to avoid monetary loss.

What is AutoClicker?

AutoClicker is an application created to automate the clicking of a mouse on a computer screen element. However, we found that it is distributed through torrents and similar channels, and its installer (and the app itself) is flagged as malicious by multiple security vendors. Thus, it is advisable to avoid installing AutoClicker on computers.

What kind of malware is GhostSpider?

GhostSpider is an advanced, multi-layered backdoor that can load various modules, each designed for specific tasks or functions. This backdoor has been recently discovered and observed targeting telecommunications companies in Southeast Asia. It operates stealthily, allowing attackers to carry out their objectives without detection.

What kind of page is oppush[.]space?

Our team has examined oppush[.]space and concluded that this web page cannot be trusted. It displays a deceptive message and requests permission to show notifications that can be used to promote unreliable content. Overall, users should avoid visiting opush[.]space and not allow it to send notifications.

What kind of page is activesafe[.]site?

We have inspected activesafe[.]site and discovered that it displays various fake warnings and requests permission to show notifications. Usually, users who agree to receive notifications from sites like activesafe[.]site are bombarded with annoying and misleading ads and other content. Thus, it is highly advisable not to trust activesafe[.]site.

What kind of scam is "Email Server Notification"?

We have analyzed this email and discovered that it is a fake email server notification containing a link to a phishing website. Scammers behind this fraudulent email seek to extract personal information from recipients. This email should be ignored to avoid potential negative consequences.