Estimated reading time: 4 minutes
For several months, QH Labs has been observing an upswing in ransomware activity. We found a new ransomware which is written in Go lang. Malware authors are finding it easy to write ransomware in Go lang rather than traditional programming languages. Infection of Jcry ransomware starts with a compromised website. As...
Estimated reading time: 4 minutes
Malspam email or malicious spam emails are considered to be one of the favorite malware delivery channels for the attackers to deliver the malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are...
Estimated reading time: 6 minutes
Cyber-attacks through phishing emails are increasing and generally, attackers use DOC embedded macros to infiltrate victim’s machine. Recently Quick Heal Security Labs came across a Phishing e-mail sample which uses Microsoft’s equation editor exploit to spread Hawkeye keylogger. Cybercriminals use different techniques to steal confidential data. Now they are offering...
Estimated reading time: 5 minutes
For several months, Quick Heal Security Labs has been observing an increase in ransomware which are built in .NET framework. Ransomware like SamSam, Lime and now Shrug was found to be built in .NET framework. Malware authors are finding it very easy to build and obfuscate malware in .NET framework rather than making them in...
Estimated reading time: 3 minutes
When Patanjali’s Kimbho app came to Google Play Store, it made some headlines on the Internet, newspapers, TVs, etc. It had 1.5 lakh downloads in just 3 hours. Kimbho app was designed for socializing, messaging and sharing videos, images, etc., same as what the WhatsApp and Facebook app do. However,...
Estimated reading time: 6 minutes
Since the past few weeks, Quick Heal Security Labs has been observing a series of interesting malware blocked at our customer end. The further analysis of the malware ‘t.exe’ revealed that the malware seems to be Trojan dropper. Interestingly, this multipurpose malware is downloading a ransomware component, a crypto-mining malware...
Estimated reading time: 4 minutes
Quick Heal Security Labs recently came across a Linux-based Monero (XMR) miner. Monero (XMR) is one of the top 15 cryptocurrencies. It can be mined easily on any machine using its CPU computation power. This is one of the reasons why it is preferred to Bitcoin or Ethereum which are...
Estimated reading time: 6 minutes
Ransomware is becoming one of the most perilous cyberattack methods and also the most habitual techniques for cybercriminals to earn money. It appears to have new weapons in its arsenal over time which is invariably aimed to boost its strength and enhance its business. As encrypting the files and restricting...
Estimated reading time: 2 minutes
Spyware refers to software that spy on your Internet browsing activities, record keystrokes, and collect almost any type of data including your personal information such as credit/debit card or banking details, login IDs and passwords. In this post, we share 8 tips to avoid a spyware attack and keep your...
Estimated reading time: 5 minutes
Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the Quant Loader malware which is actively making use of it. Let’s...