Blog

Security

I am invisible – Monero (XMR) Miner

 September 3, 2018

Estimated reading time: 4 minutes

Over the past year, Quick Heal Security Labs has been observing an increase in the amount of mining malware. Malware authors are now using mining as a replacement for ransomware to make money. Recently, Quick Heal Security Labs came across malware that mines Monero (XMR). This miner has many...

Cryptocurrency miner hits IoT devices, mostly affects Brazil and Russia!

 August 9, 2018

Estimated reading time: 3 minutes

According to a blog post published on Aug 1, 2018, 200,000 routers in Brazil were compromised to deliver cryptocurrency mining scripts that mine the Monero (XMR) cryptocurrency. Hackers compromised the vulnerable MikroTik routers by injecting CoinHive scripts into the routers' web pages in order to carry out the mass cryptocurrency miner attack....

Beware of the Armage Ransomware – the File Destroyer!

 August 8, 2018

Estimated reading time: 3 minutes

In the last week of July, Quick Heal Security Labs detected a new ransomware called Armage. It appends the ‘.Armage’ extension to the files it encrypts. Armage ransomware uses the AES-256 encryption algorithm to encode files, making them inoperable. It spreads via spam emails and corrupted text files. Technical analysis: Once executed on the...

The evolution of a 4-year-old-threat Emotet: From an infamous Trojan to a complex threat distributer

 July 25, 2018

Estimated reading time: 6 minutes

The Emotet malware campaign has existed for a long time. It returns at frequent intervals with different techniques and variants to deliver malware to a victim. Attackers are smart and they use complex techniques to avoid detection. At the start of 2017, we saw the Emotet campaign spreading through...

Your copy-paste habit can cost you your money

 July 19, 2018

Estimated reading time: 4 minutes

How often do you store your important data in files? It’s very common, right? This data may be URLs, topics, personal data like contacts, email IDs, usernames for different portals and sometimes passwords too (though it is always recommended not to do so). We very casually copy this data and paste it...

Cryptojacking is when someone illegally uses your PC to make digital money + 8 facts

 June 20, 2018

Estimated reading time: 4 minutes

What attracts more than a magnet? You might have guessed it right – it is money! And where there is easy money, there is a lot of hustle and bustle. Until now, ransomware was seen as the ultimate cash cow for attackers – kidnap critical data and ask for a ransom...

CVE-2018-5002 – Adobe Flash Player Stack Buffer Overflow Vulnerability Alert!

 June 8, 2018

Estimated reading time: 1 minute

The recent zero-day vulnerability CVE-2018-5002 in Adobe Flash Player enables attackers to perform remote code execution on targeted machines. Adobe released security advisory APSB18-19 on June 7, 2018 to address this issue. According to Adobe, the in-the-wild exploit is being used in limited, targeted attacks and it...

Cryptocurrency mining rampage throttles Linux machines – an analysis by Quick Heal Security Labs

 May 22, 2018

Estimated reading time: 4 minutes

Quick Heal Security Labs recently came across a Linux-based Monero (XMR) miner. Monero (XMR) is one of the top 15 cryptocurrencies. It can be mined easily on any machine using its CPU computation power. This is one of the reasons why it is preferred over Bitcoin or Ethereum, which are...

An analysis of the Dharma ransomware outbreak by Quick Heal Security Labs

 May 2, 2018

Estimated reading time: 7 minutes

On April 25, 2018, Quick Heal Security Labs issued an advisory on a new ransomware outbreak. We are observing a sudden spike in Dharma ransomware. Even though Dharma ransomware is old, we observed a new variant that encrypts files and appends the “.arrow” extension to them. Previously the encrypted...