Blog

Phishing

Malspam email – Jack of all malware, master of none.

  • 1
    Share
 January 21, 2019

Estimated reading time: 4 minutes

Malspam email or malicious spam emails are considered to be one of the favorite malware delivery channels for the attackers to deliver the malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are...

Beware! Your website might be delivering Emotet malware

  • 17
    Shares
 December 29, 2018

Estimated reading time: 11 minutes

In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan but this blog will shed light on how it has also become a “threat distributor”. We will also discuss server-side and client-side activity and how it spreads. Its self-propagation makes it all the more challenging...

Sophisticated Ransomware : “Katyusha”

  • 16
    Shares
 December 14, 2018

Estimated reading time: 6 minutes

For several months, Quick Heal Security Labs has been observing an increase in ransomware, we have found one more interesting ransomware which encrypts files and adds extension “.katyusha” and demands for an amount of 0.5 btc within three days and threatens to release the data to public download if the ransom is not...

Obfuscated Equation Editor Exploit (CVE-2017-11882) spreading Hawkeye Keylogger

  • 15
    Shares
 November 1, 2018

Estimated reading time: 6 minutes

Cyber-attacks through phishing emails are increasing and generally, attackers use DOC embedded macros to infiltrate victim’s machine. Recently Quick Heal Security Labs came across a Phishing e-mail sample which uses Microsoft’s equation editor exploit to spread Hawkeye keylogger. Cybercriminals use different techniques to steal confidential data. Now they are offering...

How to differentiate between spam and phishing emails?

  • 1
    Share
 October 11, 2018

Estimated reading time: 3 minutes

Emails today have become an integral part of our day-to-day life and this has made it a child’s play for spammers to lure people into opening fraudulent emails and attachments. Thus, while you are using emails for your everyday personal or official use, it is important to realize that the...

How can my Facebook account be misused if hacked?

  • 3
    Shares
 October 4, 2018

Estimated reading time: 2 minutes

At a time when most of us are living in a virtual world, where we are connected to our friends and family mostly through social networking sites, imagine what it would be like to find your social media account hacked!! That’s exactly what happened with 50 million of Facebook users...

Emerging trend of spreading malware through IQY files

 October 3, 2018

Estimated reading time: 4 minutes

Nowadays attackers are searching for new techniques to spread malware, recently we came across a new emerging way to deliver malware through IQY file. Till now we had seen spread of malware through various file types and chains such as Word document, Script, JAVA files. Fig 1: Attack chain IQY file...

Beware of the Armage Ransomware – the File Destroyer!

  • 18
    Shares
 August 8, 2018

Estimated reading time: 3 minutes

In July last week, Quick Heal Security Labs detected a new ransomware called Armage. It appends ‘.Armage’ extension to files it encrypts. Armage ransomware uses the AES-256 encryption algorithm to encode files making them inoperable. It spreads via spam emails and corrupted text files. Technical analysis Once executed on the...

Beware of the ‘Free Cycle Distribution Yojana’ WhatsApp message. It’s fake!

  • 93
    Shares
 July 30, 2018

Estimated reading time: 3 minutes

As India’s Independence Day (15th of August) approaches, messages about free distribution schemes are doing the rounds on WhatsApp. Just recently, Quick Heal Security Labs detected a widespread circulation of one such message claiming that the Indian government will distribute free cycles to students on Independence Day, under the Free...

The evolution of a 4-year-old-threat Emotet: From an infamous Trojan to a complex threat distributer

  • 15
    Shares
 July 25, 2018

Estimated reading time: 6 minutes

Emotet malware campaign has been existing for a long time. It comes frequently in intervals with different techniques and variants to deliver malware on a victim. Attackers are smart and they use complex techniques to avoid detection. At the start of 2017, we had seen the emotet campaign spreading through...