EagleMsgSpy is a surveillance tool consisting of an installer APK and a client that runs secretly on the device. The malware targets Android users. Once infiltrated, EagleMsgSpy collects a wide range of data from infected devices. It has been active since 2017 and continues to evolve. Eagl
We discovered Gengar during our analysis of malware samples uploaded to VirusTotal. Our findings show that Gengar is ransomware designed to encrypt files, append the ".gengar" extension to filenames, and drop a ransom note ("info.txt"). An example of how Gengar renames files: it changes "1.jpg" to
We have examined the email and concluded that it is a phishing email imitating a notification from an email service provider. Scammers aim to lure unsuspecting individuals into opening a fake web page and sharing personal information. Users should be able to recognize such emails and ignore them.
Our inspection of the "Some-one Try To Login Into Your Mailbox Address" email revealed that it is spam. This fake message alerts the recipient of a suspicious sign-in attempt. The goal is to deceive them into visiting a phishing site that targets email account log-in credentials. The spam
After reading this "Qatar Foundation" email, we determined that it is spam. This fake message is presented as a congratulatory alert from the Qatar Foundation. It claims the recipient was chosen as the winner of a sum close to one million euros. The likely purpose of this spam mail is to trick vi
While inspecting suspect websites, our researchers discovered the singleclick-ads[.]com rogue page. Upon examining this webpage, we learned that it promotes browser notification spam by using an adult-oriented lure (potentially others). Additionally, singleclick-ads[.]com can redirect users to dif
While investigating spam emails, our researchers discovered the "Nadex - Bitcoin Balance" scam. It alerts users of an incredibly valuable trade, the payout for which they can receive after paying the proper fees. It must be emphasized that the information provided by the scheme is false, and this
Our team has examined topads-site[.]com and learned that it employs clickbait to trick visitors into agreeing to receive its notifications. Typically, notifications from websites like topads-site[.]com are misleading and can direct users to shady pages. Therefore, topads-site[.]com should be avoid
Linkfreeapp[.]monster is a rogue page that promotes dubious content and browser notification spam. Additionally, it can redirect users to other (likely unreliable/hazardous) websites. Our researchers discovered linkfreeapp[.]monster while investigating sites utilizing rogue advertising networks.
AppLite Banker (an updated variant of the Antidot) is a banking trojan targeting Android users. Cybercriminals deliver the malware via email by tricking victims into downloading fake applications. Once injected, AppLite Banker allows the attackers to perform a variety of malicious activities, incl