Realst is a malicious program designed to steal sensitive data, such as log-in credentials, cryptocurrency wallets, and credit card details. There is also a version of Realst that targets Mac operating systems. Recently, this malware was observed being proliferated using sophisticated social engin
While testing MicroCoordinator, we noticed that it delivers unwanted and often annoying advertisements. Therefore, we classified MicroCoordinator as adware. It is worth noting that multiple security vendors flag this app as malicious. Users should avoid installing MicroCoordinator and remove it
Emmenhtal is malware that operates as a loader. Threat actors have been observed using Emmenhtal to distribute information stealers and Remote Access Trojans (RATs) on infected systems. It is known that Emmenhtal hides inside legitimate (but altered) Windows system files. Emmenhtal uses tr
Nova is a malicious program belonging to the Snake keylogger malware family. This software is designed to exfiltrate vulnerable information like log-in credentials and credit card numbers from infected devices. The presence of Nova on systems is a significant privacy threat that can cause severe i
EagleMsgSpy is a surveillance tool consisting of an installer APK and a client that runs secretly on the device. The malware targets Android users. Once infiltrated, EagleMsgSpy collects a wide range of data from infected devices. It has been active since 2017 and continues to evolve. Eagl
We discovered Gengar during our analysis of malware samples uploaded to VirusTotal. Our findings show that Gengar is ransomware designed to encrypt files, append the ".gengar" extension to filenames, and drop a ransom note ("info.txt"). An example of how Gengar renames files: it changes "1.jpg" to
We have examined the email and concluded that it is a phishing email imitating a notification from an email service provider. Scammers aim to lure unsuspecting individuals into opening a fake web page and sharing personal information. Users should be able to recognize such emails and ignore them.
Our inspection of the "Some-one Try To Login Into Your Mailbox Address" email revealed that it is spam. This fake message alerts the recipient of a suspicious sign-in attempt. The goal is to deceive them into visiting a phishing site that targets email account log-in credentials. The spam
After reading this "Qatar Foundation" email, we determined that it is spam. This fake message is presented as a congratulatory alert from the Qatar Foundation. It claims the recipient was chosen as the winner of a sum close to one million euros. The likely purpose of this spam mail is to trick vi
While inspecting suspect websites, our researchers discovered the singleclick-ads[.]com rogue page. Upon examining this webpage, we learned that it promotes browser notification spam by using an adult-oriented lure (potentially others). Additionally, singleclick-ads[.]com can redirect users to dif