NemucodAES malspam is back and this time it brought along Kovter Trojan

 July 21, 2017

Estimated reading time: 3 minutes

For the last few weeks, we have been observing a new malicious spam (malspam) variant that is spreading via an email claiming to be from United Parcel Service (UPS). The email carries a zip attachment that contains the NemucodAES ransomware and the fileless Kovter Trojan. Earlier, such malspam campaigns were...

What is VPN and why you should use it

 June 6, 2017

Estimated reading time: 3 minutes

A VPN, or Virtual Private Network, is a type of network connection that allows users to browse the Internet securely and anonymously. If you’re looking for ways to browse the web privately, then one of the most viable solutions is to use a VPN. What is VPN? VPN can...

Banking malware, Dridex bounces back through PDF

 May 10, 2017

Estimated reading time: 3 minutes

Dridex is a banking malware that uses macros to spread on Windows systems. Spam email attachments are used to spread this infection. Banking malware is generally a keylogger. It tricks users into opening the attachment, then records the keystrokes on the user’s computer, which the attackers use for their own benefit....

Quick Heal detected over 295 million malware samples in Q1 2017 – Threat Report

 April 26, 2017

Estimated reading time: 1 minute

In Q1 2017, 295 million malware samples were detected on the systems of Quick Heal users. The Trojan horse malware family continues the tradition of having the highest detection of all, followed by infectors, worms, and adware. 10 new ransomware families were also detected in this quarter. A notable observation...

Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware

 March 23, 2017

Estimated reading time: 3 minutes

Update: The incident has been taken care of by Cosmos Bank and its website (URL) is now clean and safe to use. Compromising popular websites has become a common strategy for attackers to spread infection in a widespread fashion. Attackers exploit unpatched vulnerabilities present on web servers in order to compromise...

Beware of this fake WhatsApp message. It’s a scam!

 November 24, 2016

Estimated reading time: 2 minutes

If you receive the below WhatsApp message, you might feel an irresistible itch to click on the link. But, don’t! Because it’s a scam. Cybercriminals are now tricking WhatsApp users by piggybacking on the Amazon Black Friday Sale. As shown above, the fake WhatsApp message urges the user to buy...

Is your Remote Desktop System safe from Brute Force Attacks?

 October 17, 2016

Estimated reading time: 3 minutes

As we have explained in the previous Troldesh ransomware blog post, cyber criminals are now spreading ransomware by gaining access to computers through Remote Desktop. Remote access to the victim’s computer is gained by using brute-force techniques which can effectively crack weak passwords. Typically, the attacker scans a list of...

Hackers Launching Multiple Attacks using One Email

 September 30, 2016

Estimated reading time: 3 minutes

What makes cybercriminals more notorious is that they do not stay idle. They keep themselves busy improving their game and formulating newer methods to trap their prey. A case in point is a recent observation made by Quick Heal Labs where attackers are using a new open source exploit...