Emmenhtal is malware that operates as a loader. Threat actors have been observed using Emmenhtal to distribute information stealers and Remote Access Trojans (RATs) on infected systems. It is known that Emmenhtal hides inside legitimate (but altered) Windows system files. Emmenhtal uses tr
Nova is a malicious program belonging to the Snake keylogger malware family. This software is designed to exfiltrate vulnerable information like log-in credentials and credit card numbers from infected devices. The presence of Nova on systems is a significant privacy threat that can cause severe i
EagleMsgSpy is a surveillance tool consisting of an installer APK and a client that runs secretly on the device. The malware targets Android users. Once infiltrated, EagleMsgSpy collects a wide range of data from infected devices. It has been active since 2017 and continues to evolve. Eagl
We discovered Gengar during our analysis of malware samples uploaded to VirusTotal. Our findings show that Gengar is ransomware designed to encrypt files, append the ".gengar" extension to filenames, and drop a ransom note ("info.txt"). An example of how Gengar renames files: it changes "1.jpg" to
We have examined the email and concluded that it is a phishing email imitating a notification from an email service provider. Scammers aim to lure unsuspecting individuals into opening a fake web page and sharing personal information. Users should be able to recognize such emails and ignore them.
Our inspection of the "Some-one Try To Login Into Your Mailbox Address" email revealed that it is spam. This fake message alerts the recipient of a suspicious sign-in attempt. The goal is to deceive them into visiting a phishing site that targets email account log-in credentials. The spam
After reading this "Qatar Foundation" email, we determined that it is spam. This fake message is presented as a congratulatory alert from the Qatar Foundation. It claims the recipient was chosen as the winner of a sum close to one million euros. The likely purpose of this spam mail is to trick vi
While inspecting suspect websites, our researchers discovered the singleclick-ads[.]com rogue page. Upon examining this webpage, we learned that it promotes browser notification spam by using an adult-oriented lure (potentially others). Additionally, singleclick-ads[.]com can redirect users to dif
While investigating spam emails, our researchers discovered the "Nadex - Bitcoin Balance" scam. It alerts users of an incredibly valuable trade, the payout for which they can receive after paying the proper fees. It must be emphasized that the information provided by the scheme is false, and this
Our team has examined topads-site[.]com and learned that it employs clickbait to trick visitors into agreeing to receive its notifications. Typically, notifications from websites like topads-site[.]com are misleading and can direct users to shady pages. Therefore, topads-site[.]com should be avoid