The Runner: a key component of the SamSam ransomware campaign – An analysis by Quick Heal Security Labs

 February 8, 2018

Estimated reading time: 4 minutes

In Jan 2018, Greenfield, Indiana-based Hancock Health (healthcare network) was attacked by SamSam ransomware. It encrypted the files containing patients’ data which disrupted their critical services. Even though SamSam is not a new ransomware, it has evolved over a period of time. We had observed its first variant in Feb...

Cybersecurity Predictions: What to expect in 2018

 December 26, 2017

Estimated reading time: 7 minutes

Get ready! 2018 is going to be much worse for cybersecurity than 2017 was. Before we get on with the cybersecurity predictions for 2018, let’s take a quick flashback of 2017. 2017 was riddled with cybersecurity mayhem: WannaCry – the biggest ransomware attack in history; took down...

Android Ransomware Alert! DoubleLocker changes your phone’s PIN and encrypts your data

 October 27, 2017

Estimated reading time: 3 minutes

DoubleLocker is an Android ransomware the likes of which have never been seen before. The malware is designed to launch a two-pronged attack – it locks down the phone it infects and encrypts all files stored on the device. What is spreading DoubleLocker ransomware? The malware gets into a device...

What is Bad Rabbit Ransomware and how can you stay safe?

 October 25, 2017

Estimated reading time: 2 minutes

On 24 October 2017 (Tuesday), a new ransomware was let loose on the Internet. It is known as Bad Rabbit and seems to bear similar characteristics to the infamous NotPetya ransomware. Victims of Bad Rabbit: Organizations in Russia and Ukraine were the initial casualties of this ransomware – they include...

How a ransomware infects your computer [INFOGRAPHIC]

 October 11, 2017

Estimated reading time: 1 minute

Education is a constant process – it never stops. While we have spoken about ransomware at great length in the past, there is no reason why we should not be doing that again. Ransomware is probably the most dreaded cyberthreat that can strike anyone and at any time unless we prepare...

Malware alert! Beware of the BTCWare Aleta Ransomware

 July 25, 2017

Estimated reading time: 3 minutes

Quick Heal Security Labs has observed the entry of a new BTCWare ransomware (first observed at the beginning of 2017) variant called ‘Aleta’. This ransomware is called so because it appends a “.aleta” extension to files it encrypts in an infected computer. Although BTCWare ransomware variants do not seem to...

DOs and DON’Ts to stay safe from Ransomware (infographic)

 June 28, 2017

Estimated reading time: 1 minute

Unless you live in a cave, you would definitely know what ransomware is. It is a malware that is keeping Internet users awake at night and restless during the day. It does not strike with a warning, and when it does it does not leave without causing a catastrophe....

Petya ransomware is affecting users globally, here are things you can do

 June 28, 2017

Estimated reading time: 2 minutes

Quick Heal Security Labs has come across a new strain of Petya Ransomware that is affecting users globally. This clearly looks like early signs of a new ransomware attack that is spreading fast across the globe. Currently, we have seen multiple reports of this ransomware attack from several countries. Our...

AES-NI Ransomware adopts combination of Fileless and Code Injection technique

 June 22, 2017

Estimated reading time: 3 minutes

Cybercriminals are adopting unique ways for spreading malware and this has been evident in the cases of the Cerber ransomware where the RIG exploit was used and the WannaCry ransomware which used the SMBv1 vulnerability. And now it’s the AES-NI ransomware which uses a combination of fileless and code injection...