Blog

Malware

Again! A New .NET Ransomware Shrug2

  • 30
    Shares
 August 10, 2018

Estimated reading time: 5 minutes

For several months, Quick Heal Security Labs has been observing an increase in ransomware which are built in  .NET framework. Ransomware like SamSam, Lime and now Shrug was found to be built in .NET framework. Malware authors are finding it very easy to build and obfuscate malware in .NET framework rather than making them in...

Quick Heal detects malware misusing the fame of Patanjali’s Kimbho app

  • 61
    Shares
 July 13, 2018

Estimated reading time: 3 minutes

When Patanjali’s Kimbho app came to Google Play Store, it made some headlines on the Internet, newspapers, TVs, etc. It had 1.5 lakh downloads in just 3 hours. Kimbho app was designed for socializing, messaging and sharing videos, images, etc., same as what the WhatsApp and Facebook app do. However,...

A new ransom-miner malware campaign emerging in wild!

 July 10, 2018

Estimated reading time: 6 minutes

Since the past few weeks, Quick Heal Security Labs has been observing a series of interesting malware blocked at our customer end. The further analysis of the malware ‘t.exe’ revealed that the malware seems to be Trojan dropper. Interestingly, this multipurpose malware is downloading a ransomware component, a crypto-mining malware...

Cryptocurrency mining rampage throttles Linux machines – an analysis by Quick Heal Security Labs

  • 1
    Share
 May 22, 2018

Estimated reading time: 4 minutes

Quick Heal Security Labs recently came across a Linux-based Monero (XMR) miner. Monero (XMR) is one of the top 15 cryptocurrencies. It can be mined easily on any machine using its CPU computation power. This is one of the reasons why it is preferred to Bitcoin or Ethereum which are...

Breed of MBR Infecting Ransomware – an analysis by Quick Heal Security Labs

 May 16, 2018

Estimated reading time: 6 minutes

Ransomware is becoming one of the most perilous cyberattack methods and also the most habitual techniques for cybercriminals to earn money. It appears to have new weapons in its arsenal over time which is invariably aimed to boost its strength and enhance its business. As encrypting the files and restricting...

8 tips to avoid a spyware attack

  • 7
    Shares
 April 12, 2018

Estimated reading time: 2 minutes

Spyware refers to software that spy on your Internet browsing activities, record keystrokes, and collect almost any type of data including your personal information such as credit/debit card or banking details, login IDs and passwords. In this post, we share 8 tips to avoid a spyware attack and keep your...

An in-depth analysis of a new, emerging “.url” malware campaign – by Quick Heal Security Labs

  • 2
    Shares
 March 19, 2018

Estimated reading time: 5 minutes

Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the Quant Loader malware which is actively making use of it. Let’s...

A free guide to 7 computer viruses you should know about

  • 36
    Shares
 March 13, 2018
7_computer_viruses_you_should_know_about

Estimated reading time: 4 minutes

Computer viruses are nasty little programs that are designed to lay waste to your computer. Some destroy files stored on your PC, while some trigger different software to malfunction. More nefarious viruses steal your confidential information and some even go to an extent to rig a system’s power load and...

The Runner: a key component of the SamSam ransomware campaign – An analysis by Quick Heal Security Labs

 February 8, 2018

Estimated reading time: 4 minutes

In Jan 2018, Greenfield, Indiana-based Hancock Health (healthcare network) was attacked by SamSam ransomware. It encrypted the files containing patients’ data which disrupted their critical services. Even though SamSam is not a new ransomware, it has evolved over a period of time. We had observed its first variant in Feb...

IcedID – a new sophisticated banking Trojan: a technical analysis by Quick Heal Security Labs

  • 2
    Shares
 November 29, 2017

Estimated reading time: 4 minutes

IcedID is a new player in the banking Trojan family. It has a modular architecture and capable of stealing banking credentials of the user by performing a man-in-the-middle attack (MITM). IcedID sets up a local proxy and redirects all Internet traffic through it. Additionally, it can download and execute components...