Quick heal blog

An in-depth analysis of a new, emerging “.url” malware campaign – by Quick Heal Security Labs

 March 19, 2018

Estimated reading time: 5 minutes

Last week, we blogged about the emergence of a new attack vector, ‘.url’, which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the Quant Loader malware, which is actively making use of it. Let’s...

An analysis of the Zenis ransomware by Quick Heal Security Labs

 March 19, 2018

Estimated reading time: 4 minutes

Quick Heal Security Labs has come across a new ransomware that goes by the name ‘Zenis’. The ransomware not only encrypts files but also intentionally deletes the infected system’s backup. The behavior of Zenis ransomware: Once inside a computer, the ransomware performs the following checks before it starts encrypting...

Email campaign using .url extensions to abuse Internet Explorer vulnerabilities (CVE-2016-3353)

 March 14, 2018

Estimated reading time: 4 minutes

In the wild, malspam campaigns are a major medium for spreading malware. Previously, we have written about such campaigns using MS Office files with malicious macros and using vulnerabilities. Recently, we observed a spam campaign that uses .url files as a first-stage downloader to spread malware and bypass security features....

A free guide to 7 computer viruses you should know about

 March 13, 2018

Estimated reading time: 4 minutes

Computer viruses are nasty little programs that are designed to lay waste to your computer. Some destroy files stored on your PC, while some cause different software to malfunction. More nefarious viruses steal your confidential information, and some even go to the extent of rigging a system’s power load and...

Do not fall for the WhatsApp message about Jio Prime Offer. It’s a hoax!

 March 8, 2018

Estimated reading time: 3 minutes

A message about a Jio Prime offer is circulating among WhatsApp users. Do not fall for it because it’s a hoax. Last evening, I received this message from one of my contacts. Looks like a genuine message, doesn’t it? But, it is nothing but a hoax. How do we know?...

Chinese, Russian hackers counting on Apache Struts vulnerabilities – a report by Quick Heal Security Labs

 March 7, 2018

Estimated reading time: 4 minutes

Apache Struts is an open-source CMS based on the MVC framework for developing Java EE web applications. Apache Struts has been widely used by many Fortune 100 companies and government agencies over the years for developing web applications. But websites built using a CMS constantly need to upgrade the CMS versions in their web application servers, because vulnerabilities...

Beware! A new .Net Ransomware is encrypting files with .Lime

 March 6, 2018

Estimated reading time: 4 minutes

Cases of the “Lime ransomware” have been recently reported to Quick Heal Security Labs. Our research team has analyzed these cases deeply and found some useful information. This post shares this information to help users stay safe from ransomware attacks. ‘Lime’ is a newly discovered .net ransomware; it is also...

MIRUS – a cryptomining virus

 February 27, 2018

Estimated reading time: 4 minutes

Cryptocurrencies are in vogue now. This has resulted in an increase in cryptocurrency mining activities. Several platforms make mining services available to users. One such platform that provides JavaScript cryptocurrency miners for websites is CoinHive. Recently, we analyzed a virus that infects user files with mining scripts. CoinHive is...