Quick Heal Security Labs

About Quick Heal Security Labs

Quick Heal Security Labs is a leading source of threat research, threat intelligence, and cybersecurity. It analyzes data fetched from millions of Quick Heal products across the globe to deliver timely and improved protection to its users.

A technical analysis of the recent Petya ransomware attack

 June 30, 2017

Estimated reading time: 4 minutes

Earlier this week, a new variant of the Petya ransomware was spotted creating havoc all over Europe as well as major parts of Asia, including India. The major target for Petya has been Ukraine, where major banks and power services were hit by the attack. It’s...

AES-NI Ransomware adopts combination of Fileless and Code Injection technique

 June 22, 2017

Estimated reading time: 3 minutes

Cybercriminals are adopting unique ways of spreading malware, as has been evident in the cases of the Cerber ransomware, where the RIG exploit was used, and the WannaCry ransomware, which used the SMBv1 vulnerability. And now it’s the AES-NI ransomware which uses a combination of fileless and code injection...

Just hovering your computer mouse over a hyperlink can get your computer infected

 June 21, 2017

Estimated reading time: 3 minutes

In a new kind of attack, cybercriminals are infecting computers with a banking Trojan simply by fooling users into hovering over a link embedded in a malicious PowerPoint file. Attackers are sending malicious PowerPoint Show (PPS) or Open XML Slide Show (PPSX) files to users via spam emails. These files only...

Beware! The TrickBot Trojan is back

 June 16, 2017

Estimated reading time: 3 minutes

The TrickBot Trojan was first identified in mid-2016 and was considered similar to the Dyreza banking Trojan. Initially, the payload (the component of a computer virus that executes a malicious activity) was spreading through a malvertising campaign using the Rig Exploit Kit. From our current findings, we have found that TrickBot has...

CertLock Trojan can disable your antivirus software

 June 13, 2017

Estimated reading time: 2 minutes

Antivirus software keeps your computer safe from malware, viruses, online threats, and suspicious or harmful elements. Although bypassing this protective guard is a difficult task for attackers, they never stop trying to do so. Recently, we came across malware that is designed to interfere with the infected system’s...

Google Play apps hit by Judy Malware

 June 1, 2017

Estimated reading time: 4 minutes

It’s turning out to be a bad month for the digital world. While the world is recovering from the WannaCry Ransomware outbreak, we now have a new malware on the loose and it is targeting Android devices. The malware is called Judy and it has infected around 41 apps in...

PDF files with embedded docm files now deliver Jaff Ransomware

 May 23, 2017

Estimated reading time: 4 minutes

Adding to the havoc created by the recent outbreak of the WannaCry Ransomware is a new entry to the list of encrypting ransomware called ‘Jaff’. Reportedly, this variant has been created by the authors of the Locky ransomware. The source of this ransomware is the Necurs botnet which is using...

Beware of the JokerQuiz – It’s a fraud!

 May 22, 2017

Estimated reading time: 2 minutes

Adware are unwanted programs installed on the system with or without user consent. They change your Internet browser’s settings and display unwanted and fraudulent pop-up ads. They also trick users by offering unbelievable deals. With technological advancements, adware are becoming smarter. JokerQuiz is one such adware that pretends to be...

DNS Hijacking – a trend carried by Adware

 April 21, 2017

Estimated reading time: 3 minutes

Adware has been known as the most annoying group of malware since the beginning, disrupting users’ browsing experience by showing countless advertising banners and redirecting them to websites without their consent. If that isn’t troublesome enough, getting rid of it is another big challenge in several cases. Gone are...

Cerber Ransomware and Kovter Trojan Team up Together

 April 14, 2017

Estimated reading time: 3 minutes

For the last 2 weeks, we have been observing a malware campaign using spam emails that look like they are from the United States Postal Service (USPS) or FedEx. These emails are distributing the Cerber Ransomware along with the Kovter Trojan – a lethal combination! The spam email contains a malicious script...