Blog

Malware

Quick Heal Threat Report – Cryptojacking rising but Ransomware still #1 threat for consumers

 February 22, 2019

Estimated reading time: 1 minute

In wake of the growing incidences of targeted cyber-attacks on enterprises using Cryptojacking, due to its ease of deployment and instant return on investments; it rather comes as a surprise that malware authors are still counting on Ransomware for targeting consumers and home users. Yes, you heard it right! According...

GandCrab Riding Emotet’s Bus!

 February 15, 2019

Estimated reading time: 4 minutes

Emotet Known for constantly changing its payload and infection vectors like spam mail, Malicious Doc and even Malicious JS files. It compromised a very high number of websites on the internet. Emotet malware campaign has existed since 2014. It comes frequently in intervals with different techniques and variants to deliver malware...

Anatova, A modular ransomware

  • 19
    Shares
 January 29, 2019

Estimated reading time: 6 minutes

While everyone was engaged in new year celebrations, malware authors were busy creating new ransomware for 2019. Quick Heal Security Labs has observed the first ransomware of 2019 — Anatova. During our analysis, we found that Anatova is not just ransomware but a modular one. By modular ransomware we mean,...

Mongolock Ransomware deletes files and targets databases

  • 1
    Share
 January 29, 2019

Estimated reading time: 4 minutes

Ransomware has become one of the most dangerous cyber-attack methods because of the different techniques it uses to encrypt the files and evade the detection of security software to earn money. Also, at a time, it’s not limited to encrypting user’s files but also deletes the files and formats the...

GandCrab Ransomware along with Monero Miner and Spammer

  • 3
    Shares
 January 24, 2019

Estimated reading time: 6 minutes

Recently we saw a new campaign through spam mail attachment- zip file. It contains JavaScript file which delivers a bundle of GandCrab Ransomware, Monero miner and Spammer. This bundle of multiple malware variants is nothing new, it is common for ransomware to be paired with miner and spammer. This type...

Malspam email – Jack of all malware, master of none.

  • 30
    Shares
 January 21, 2019

Estimated reading time: 4 minutes

Malspam email or malicious spam emails are considered to be one of the favorite malware delivery channels for the attackers to deliver the malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are...

Applying Deep Learning for PE-Malware Classification

  • 1
    Share
 January 10, 2019

Estimated reading time: 5 minutes

Deep Learning & Computer vision techniques are making progress in every possible field. With growing computing powers many organizations use them to resolve or minimize many day-to-day problems. In a recent talk at AVAR 2018, Quick Heal AI team presented an approach of effectively using Deep Learning for malware classification....

Ransomware displaced by cryptojacking as the most trending cyberthreat but it is not dead yet

  • 38
    Shares
 January 9, 2019

Estimated reading time: 2 minutes

For those of you who have experienced the worst of Ransomware attacks in the form of WannaCry and Petya and believe that the worst is over; you never know what may await you on the other side of this New Year. While the recent threat analysis reports by Quick Heal...

Beware! Your website might be delivering Emotet malware

  • 17
    Shares
 December 29, 2018

Estimated reading time: 11 minutes

In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan but this blog will shed light on how it has also become a “threat distributor”. We will also discuss server-side and client-side activity and how it spreads. Its self-propagation makes it all the more challenging...

Beware!! PDF Attachments Launching Android malware

  • 27
    Shares
 December 25, 2018

Estimated reading time: 4 minutes

As a normal user we receive multiple emails on a daily basis with PDF as an attachment. Recently, at Quick-Heal Security Lab, we observed a malicious PDF file sent to users as an attachment via a phishing mail. These PDF files look like a regular document but that’s not the...