Blog

Malware

APT-27 like Newcore RAT, Virut exploiting MySQL for targeted attacks on enterprise

 May 28, 2019

Estimated reading time: 7 minutes

In today’s world data is everything, and to store and process this large amount of data, everyone started using computing devices. Database servers which are used for storing this precious data on computing devices include MySQL, MongoDB, MSSQL, etc. But unfortunately, not everyone is conscious about its security. In fact, approximately...

JCry – A Ransomware written in Golang!

  • 2
    Shares
 April 9, 2019

Estimated reading time: 4 minutes

For several months, QH Labs has been observing an upswing in ransomware activity. We found a new ransomware which is written in Go lang. Malware authors are finding it easy to write ransomware in Go lang rather than traditional programming languages. Infection of Jcry ransomware starts with a compromised website. As...

GandCrab Riding Emotet’s Bus!

Estimated reading time: 4 minutes

Emotet Known for constantly changing its payload and infection vectors like spam mail, Malicious Doc and even Malicious JS files. It compromised a very high number of websites on the internet. Emotet malware campaign has existed since 2014. It comes frequently in intervals with different techniques and variants to deliver malware...

Anatova, A modular ransomware

  • 20
    Shares
 January 29, 2019

Estimated reading time: 6 minutes

While everyone was engaged in new year celebrations, malware authors were busy creating new ransomware for 2019. Quick Heal Security Labs has observed the first ransomware of 2019 — Anatova. During our analysis, we found that Anatova is not just ransomware but a modular one. By modular ransomware we mean,...

Mongolock Ransomware deletes files and targets databases

  • 1
    Share
 January 29, 2019

Estimated reading time: 4 minutes

Ransomware has become one of the most dangerous cyber-attack methods because of the different techniques it uses to encrypt the files and evade the detection of security software to earn money. Also, at a time, it’s not limited to encrypting user’s files but also deletes the files and formats the...

GandCrab Ransomware along with Monero Miner and Spammer

  • 3
    Shares
 January 24, 2019

Estimated reading time: 6 minutes

Recently we saw a new campaign through spam mail attachment- zip file. It contains JavaScript file which delivers a bundle of GandCrab Ransomware, Monero miner and Spammer. This bundle of multiple malware variants is nothing new, it is common for ransomware to be paired with miner and spammer. This type...

Malspam email – Jack of all malware, master of none.

  • 30
    Shares
 January 21, 2019

Estimated reading time: 4 minutes

Malspam email or malicious spam emails are considered to be one of the favorite malware delivery channels for the attackers to deliver the malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are...