Hacker

Malspam email – Jack of all malware, master of none.

 January 21, 2019

Estimated reading time: 4 minutes

Malspam, or malicious spam email, is considered one of attackers' favorite channels for delivering malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are...

Ransomware displaced by cryptojacking as the most trending cyberthreat but it is not dead yet

 January 9, 2019

Estimated reading time: 2 minutes

For those of you who have experienced the worst of ransomware attacks in the form of WannaCry and Petya and believe that the worst is over, you never know what may await you on the other side of this New Year. While the recent threat analysis reports by Quick Heal...

Beware! Your website might be delivering Emotet malware

 December 29, 2018

Estimated reading time: 11 minutes

In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan but this blog will shed light on how it has also become a “threat distributor”. We will also discuss server-side and client-side activity and how it spreads. Its self-propagation makes it all the more challenging...

GandCrab says, “We will become back very soon! ;)”

 December 18, 2018

Estimated reading time: 5 minutes

GandCrab has been in the wild since the last week of January 2018. Over that period it kept learning from its mistakes, and GandCrab’s agile development grabbed the attention of many security researchers. From moving its servers to Namecoin-powered Top Level Domain (.BIT TLD) servers after the first breach, then learning from...

Sophisticated Ransomware : “Katyusha”

 December 14, 2018

Estimated reading time: 6 minutes

For several months, Quick Heal Security Labs has been observing an increase in ransomware. We have found one more interesting ransomware, which encrypts files, adds the extension “.katyusha”, demands 0.5 BTC within three days, and threatens to release the data for public download if the ransom is not...

How can my Facebook account be misused if hacked?

 October 4, 2018

Estimated reading time: 2 minutes

At a time when most of us are living in a virtual world, where we are connected to our friends and family mostly through social networking sites, imagine what it would be like to find your social media account hacked! That’s exactly what happened with 50 million Facebook users...

50 Million Facebook Accounts Hacked – Time to act before it’s too late!

 October 1, 2018

Estimated reading time: 2 minutes

The afternoon of September 28th, 2018 brought a wave of shock for 50 million Facebook users when they found themselves logged out of Facebook! In one of the worst data breaches in the history of Facebook, over 90 million users, on Friday afternoon, were forced to log out...

Have You Received A Call To Replace Your Stripe-Only Card With EMV Chip Card Yet?

 September 25, 2018

Estimated reading time: 2 minutes

In case you have received a reminder from your bank asking you to replace your stripe-only card with an EMV chip card and you have no idea why this change is being implemented, then you are at the right place. As per recent instructions received from the Reserve Bank of...

“Troldesh’s” One More Variant in the Encryption Offender

 September 3, 2018

Estimated reading time: 4 minutes

Over the past few days, we have been observing criminals/hackers using a new carrier to deliver ransomware. Recently, Quick Heal Security Labs observed a new variant of Troldesh ransomware which encrypts the data and adds the extension “.no_more_ransom”. This ransomware comes under the Crypto-Ransomware variant, the origin of this...

Cryptocurrency miner hits IoT devices, mostly affects Brazil and Russia!

 August 9, 2018

Estimated reading time: 3 minutes

According to a blog post published on Aug 1, 2018, 200,000 routers in Brazil were compromised to deliver cryptocurrency mining scripts to mine Monero (XMR) cryptocurrency. Hackers compromised the vulnerable MikroTik routers by injecting CoinHive scripts into the routers' web pages in order to carry out the mass cryptocurrency miner attack....