Social Engineering

Beware! Your website might be delivering Emotet malware

 December 29, 2018

Estimated reading time: 11 minutes

In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan but this blog will shed light on how it has also become a “threat distributor”. We will also discuss server-side and client-side activity and how it spreads. Its self-propagation makes it all the more challenging...

Ghost Has Arrived

Estimated reading time: 5 minutes

On the back of an upswing in ransomware activity, we decided to carry out an in-depth analysis of Ghost Ransomware. An interesting fact about this malware is that it uses multiple components to encrypt user files. Technical analysis: The main malware executable (Ghost.exe) is compiled using the .NET Framework. The infection...

Emerging trend of spreading malware through IQY files

 October 3, 2018

Estimated reading time: 4 minutes

Attackers are constantly searching for new techniques to spread malware. Recently we came across an emerging way to deliver malware through IQY files. Until now we had seen malware spread through various file types and chains such as Word documents, scripts, and Java files. Fig 1: Attack chain IQY file...

Beware of the ‘Free Cycle Distribution Yojana’ WhatsApp message. It’s fake!

 July 30, 2018

Estimated reading time: 3 minutes

As India’s Independence Day (15th of August) approaches, messages about free distribution schemes are doing the rounds on WhatsApp. Just recently, Quick Heal Security Labs detected a widespread circulation of one such message claiming that the Indian government will distribute free cycles to students on Independence Day, under the Free...

What is the price of your stolen identity on the online black market?

 July 10, 2018

Estimated reading time: 2 minutes

If you thought there is only a black market for stolen mobile phones, drugs, pirated software, etc., then you could be wrong. There is a black market that exists on the Internet and its most lucrative commodity is your personally identifiable information (PII – sensitive information that can be used...

3 common types of phishing attacks and tips to avoid them

 June 26, 2018

Estimated reading time: 4 minutes

Phishing is one of the oldest tricks in the book of hackers. But as old as it might be, phishing still remains the most lucrative tool for cybercriminals; as they say, old is gold. This post tells you about the 3 common types of phishing attacks and tips to avoid...

Do not fall for the WhatsApp message about Jio Prime Offer. It’s a hoax!

 March 8, 2018

Estimated reading time: 3 minutes

A message about a Jio Prime offer is circulating among WhatsApp users. Do not fall for it because it’s a hoax. Last evening, I received this message from one of my contacts. Looks like a genuine message, doesn’t it? But, it is nothing but a hoax. How do we know?...

Mumbai businessman loses ₹5.8 lakh in a spear phishing scam

 November 20, 2017

Estimated reading time: 2 minutes

This story has been sourced from Hindustan Times. On November 18, a businessman from Powai, Mumbai, received an email that looked like it was sent by a close friend. In the email, the friend said that he was stuck somewhere and that he needed an urgent loan of ₹5.8 lakh...

Evolution of jRAT JAVA Malware – An analysis by Quick Heal Security Labs

 October 3, 2017

Estimated reading time: 4 minutes

jRAT (Java-based Remote Access Trojan) malware is not new, but its activity has increased in the last few months and it is targeting various organizations. Every day, Quick Heal Security Labs identifies thousands of spam emails carrying weaponized JAR files as attachments targeting users. These malicious JAR i.e., jRAT...