Beware of the Armage Ransomware – the File Destroyer!

 August 8, 2018

Estimated reading time: 3 minutes

In the last week of July, Quick Heal Security Labs detected a new ransomware called Armage. It appends the ‘.Armage’ extension to the files it encrypts. Armage ransomware uses the AES-256 encryption algorithm to encode files, making them inoperable. It spreads via spam emails and corrupted text files. Technical analysis Once executed on the...

Quick Heal Total Security (Windows) achieves a 99.5% protection rate in AV-Comparatives’ test

 July 23, 2018

Estimated reading time: 2 minutes

Quick Heal Total Security (Windows) has achieved a 99.5% protection rate in the Real-World Protection Test conducted by the world’s leading security software testers, AV-Comparatives. Real-World Protection Test February-June 2018 Experts at AV-Comparatives create a real-world environment to test security software. In this environment, malware (malicious software) behaves in the same...

Satan ransomware raises its head again!

 June 20, 2018

Estimated reading time: 3 minutes

Satan ransomware first appeared in early 2017, and it has resurfaced with a new variant in 2018. We have seen it using new, innovative techniques to spread, such as the EternalBlue exploit, to distribute itself over compromised networks. This variant of Satan propagates using the below techniques: Mimikatz EternalBlue – exploit...

Quick Heal detects banking Trojans imitating popular social media and banking apps in India

 June 5, 2018

Estimated reading time: 5 minutes

Quick Heal Security Labs has spotted two banking Trojan malware. These malware imitate some popular social and banking apps. While doing so, they gain access to some security permissions on the infected device which allow them to steal the user’s banking credentials. The malware are able to do this by...

3 reasons you can’t live without your smartphone [VIDEO]

 May 14, 2018

Estimated reading time: 1 minute

Can you think of 3 reasons why you can’t live without your smartphone? Well, we tried figuring out the answer to that in this short video of ours. We also tried thinking about what would happen if something bad happened to your phone and how you can avoid it. So, do...

Dharma ransomware resurfaces with a new variant

 April 16, 2018

Estimated reading time: 3 minutes

A new variant of the Dharma ransomware (‘.arrow’) has been observed in the wild. This variant appends the extension ‘.arrow’ to the files it encrypts and spreads via spam emails. How Dharma encrypts its victim’s files Once executed, the ‘.arrow’ variant of Dharma uses the below command to disable...

An analysis of the Zenis ransomware by Quick Heal Security Labs

 March 19, 2018

Estimated reading time: 4 minutes

Quick Heal Security Labs has come across a new ransomware that goes by the name ‘Zenis’. The ransomware not only encrypts files but also intentionally deletes the infected system’s backup. The behavior of Zenis ransomware Once inside a computer, the ransomware performs the following checks before it starts encrypting...

Email campaign using .url extensions to abuse Internet Explorer vulnerabilities (CVE-2016-3353)

 March 14, 2018

Estimated reading time: 4 minutes

In the wild, malspam campaigns are a major medium for spreading malware. Previously, we have written about such campaigns using MS Office files with malicious macros and using vulnerabilities. Recently, we observed a spam campaign that uses .url files as a first-stage downloader to spread malware and bypass security features....

Beware! A new .Net Ransomware is encrypting files with .Lime

 March 6, 2018

Estimated reading time: 4 minutes

Cases of the “Lime ransomware” have been recently reported to Quick Heal Security Labs. Our research team has analyzed these cases deeply and found some useful information. This post shares this information to help users stay safe from ransomware attacks. ‘Lime’ is a newly discovered .net ransomware; it is also...

Thanatos Ransomware – an analysis by Quick Heal Security Labs

 February 22, 2018

Estimated reading time: 2 minutes

Quick Heal Security Labs has come across a new ransomware that uses AES encryption and demands 0.01 Bitcoin as a ransom after encrypting the victim’s files. It’s known as Thanatos Ransomware. Thanatos is a type of Trojan malware that spreads through malicious advertisements, phishing sites, spam emails, freeware and...