Quick Heal Blog

Beware of cyber attacks this holiday season!

 September 17, 2018

Estimated reading time: 3 minutes

As the calendar enters September, a celebratory mood envelops the entire subcontinent. With a range of festivals throughout the festive autumn months, this is truly a time of celebration and joy as the entire country comes together. Whether it is Ganesh Chaturthi, Durga Puja, Diwali or Christmas, people everywhere...

CVE-2018-8440 – Task Scheduler ALPC Zero-Day Exploit in the Wild

 September 12, 2018

Estimated reading time: 1 minute

The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform privilege elevation on targeted machines. Microsoft released a security advisory for CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context...

How secure is the Wi-Fi router at your home?

 September 6, 2018

Estimated reading time: 3 minutes

Your router, the box sitting in the corner of your house, provides internet to all your smart devices: mobile phones, laptops, tablets, etc. It is the device that is directly exposed to the outside world and thus can be vulnerable to getting hacked. It may not store your personal information,...

“Troldesh’s” One More Variant in the Encryption Offender

 September 3, 2018

Estimated reading time: 4 minutes

Over the past few days, we have been observing criminals/hackers using a new carrier to deliver ransomware. Recently, Quick Heal Security Labs observed a new variant of Troldesh ransomware which encrypts the data and adds the extension “.no_more_ransom”. This ransomware is a Crypto-Ransomware variant, the origin of this...

I am invisible – Monero (XMR) Miner

 September 3, 2018

Estimated reading time: 4 minutes

Over the past year, Quick Heal Security Labs has been observing an increase in the amount of mining malware. Nowadays, malware authors are using mining as a replacement for ransomware to make money. Recently, Quick Heal Security Labs came across malware which mines Monero (XMR). This miner has many...

A new ransomware campaign in the wild, Ryuk!!

 August 28, 2018

Estimated reading time: 4 minutes

Recently, Quick Heal Security Labs observed a new destructive ransomware named ‘Ryuk Ransomware’. This ransomware campaign has already affected many users worldwide and seems to be a spear phishing attack. The compelling thing is that it encrypts victim files without appending any extension, yet makes the files unreadable. Ryuk uses robust military algorithms...

Be aware! Hiddad Malware present on Google Play Store.

 August 27, 2018

Estimated reading time: 3 minutes

Quick Heal Security Labs has spotted a couple of applications on the Play Store which hide themselves after installation and display full-screen ads after a specific time interval. This trend is used by most of the developers these days to earn profit by displaying ads. Even if users want to uninstall...

Android malware that combines a Banking Trojan, Keylogger, and Ransomware in one package

 August 17, 2018

Estimated reading time: 8 minutes

This malware has all the basic functionality of an Android banker along with additional features like call forwarding, sound recording, keylogging and ransomware activities. It has the ability to launch the user’s browser with a URL received from the C&C server. It repeatedly opens the accessibility settings page until the user switches ON the ‘AccessibilityService’. The...

Again! A New .NET Ransomware Shrug2

 August 10, 2018

Estimated reading time: 5 minutes

For several months, Quick Heal Security Labs has been observing an increase in ransomware built in the .NET framework. Ransomware like SamSam, Lime and now Shrug were found to be built in the .NET framework. Malware authors are finding it very easy to build and obfuscate malware in the .NET framework rather than making them in...

Cryptocurrency miner hits IoT devices, mostly affects Brazil and Russia!

 August 9, 2018

Estimated reading time: 3 minutes

According to a blog post published on Aug 1, 2018, 200,000 routers in Brazil were compromised to deliver cryptocurrency mining scripts to mine Monero (XMR) cryptocurrency. Hackers compromised the vulnerable MikroTik routers by injecting CoinHive scripts into the routers’ web pages in order to carry out the mass cryptocurrency miner attack....