After inspecting this "John Travolta Foundation" email, we determined that it is spam. This message claims that the recipient has received an incredibly large sum from the "John Travolta Foundation". It must be emphasized that this email is not associated with any real public figures or foundatio
While browsing suspicious sites, our researchers discovered the gembujabbercaseroobox[.]com rogue webpage. We found that it promotes dubious software and browser notification spam. Additionally, this page can redirect visitors to different (likely untrustworthy/hazardous) sites. Webpages like gem
Search-2go.com is a fake search engine. Like most pages of this kind, it cannot provide search results and redirects users to legitimate Internet search websites. It is noteworthy that search-2go.com has been observed featuring as an intermediary in redirection chains caused by browser hijackers.
Search-owl.com is the address of a fake search engine. Unlike most websites of this kind, it can provide search results, but they are inaccurate and may include deceptive content. Search-owl.com likely collects information about its visitors as well. Typically, fraudulent search engines are promot
Realst is a malicious program designed to steal sensitive data, such as log-in credentials, cryptocurrency wallets, and credit card details. There is also a version of Realst that targets Mac operating systems. Recently, this malware was observed being proliferated using sophisticated social engin
While testing MicroCoordinator, we noticed that it delivers unwanted and often annoying advertisements. Therefore, we classified MicroCoordinator as adware. It is worth noting that multiple security vendors flag this app as malicious. Users should avoid installing MicroCoordinator and remove it
Emmenhtal is malware that operates as a loader. Threat actors have been observed using Emmenhtal to distribute information stealers and Remote Access Trojans (RATs) on infected systems. It is known that Emmenhtal hides inside legitimate (but altered) Windows system files. Emmenhtal uses tr
Nova is a malicious program belonging to the Snake keylogger malware family. This software is designed to exfiltrate vulnerable information like log-in credentials and credit card numbers from infected devices. The presence of Nova on systems is a significant privacy threat that can cause severe i
EagleMsgSpy is a surveillance tool consisting of an installer APK and a client that runs secretly on the device. The malware targets Android users. Once infiltrated, EagleMsgSpy collects a wide range of data from infected devices. It has been active since 2017 and continues to evolve. Eagl
We discovered Gengar during our analysis of malware samples uploaded to VirusTotal. Our findings show that Gengar is ransomware designed to encrypt files, append the ".gengar" extension to filenames, and drop a ransom note ("info.txt"). An example of how Gengar renames files: it changes "1.jpg" to