Blog

Ransomware

Malware alert! Beware of the BTCWare Aleta Ransomware

  • 5
    Shares
 July 25, 2017

Estimated reading time: 3 minutes

Quick Heal Security Labs has observed the entry of a new BTCWare ransomware (first observed at the beginning of 2017) variant called ‘Aleta’. This ransomware is called so because it appends a “.aleta” extension to files it encrypts in an infected computer. Although BTCWare ransomware variants do not seem to...

DOs and DON’Ts to stay safe from Ransomware (infographic)

  • 8
    Shares
 June 28, 2017

Estimated reading time: 1 minute

Unless you live in a cave, you would definitely know what is a ransomware. It is a malware that is keeping Internet users awake at nights and restless during the day. It does not strike with a warning, and when it does it does not leave without causing a catastrophe....

Petya ransomware is affecting users globally, here are things you can do

  • 298
    Shares
 June 28, 2017
Petya_ransomware_quick_heal

Estimated reading time: 2 minutes

Quick Heal Security Labs has come across a new strain of Petya Ransomware that is affecting users globally. This clearly looks like early signs of a new ransomware attack that is spreading fast across the globe. Currently, we have seen multiple reports of this ransomware attack from several countries. Our...

AES-NI Ransomware adopts combination of Fileless and Code Injection technique

  • 29
    Shares
 June 22, 2017

Estimated reading time: 3 minutes

Cybercriminals are adopting unique ways for spreading malware and this has been evident in the cases of the Cerber ransomware where the RIG exploit was used and the WannaCry ransomware which used the SMBv1 vulnerability. And now it’s the AES-NI ransomware which uses a combination of fileless and code injection...

WannaCry’s Never Say Die Attitude Keeps It Going!

  • 18
    Shares
 June 22, 2017

Estimated reading time: 3 minutes

Over the past few months, the cybersecurity world was at buzz due to the infamous WannaCry ransomware attack. The attack was launched on a massive scale. The campaign started after the disclosure of NSA exploit leak by a hacker group called Shadow Brokers. Taking advantage of unpatched systems all over...

WannaCry Ransomware Recap: Some important facts you need to know

  • 82
    Shares
 May 24, 2017

Estimated reading time: 3 minutes

Ransomware is a malware that locks your computer making it inaccessible or it encrypts your data. It then demands you to pay a ransom for unlocking the computer or decrypting the data. This post talks about the file encrypting ransomware called WannaCry – the biggest ransomware attack in history! 1....

MS17-010 – Windows SMB server exploitation leads to ransomware outbreak

  • 23
    Shares
 May 13, 2017

Estimated reading time: 2 minutes

The Microsoft Windows SMB (Server Message Block) is being actively exploited in the wild, post the Shadow Brokers (TSB) leak in April 2017. According to Microsoft’s blog, the exploits were already covered in previously released security bulletins. The Shadow Broker exploits named ‘EternalBlue’ and ‘EternalRomance’ and ‘EternalSynergy’ are addressed by...

Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware

  • 41
    Shares
 March 23, 2017

Estimated reading time: 3 minutes

Update: The incident has been taken care of by Cosmos Bank and its website (URL) is now clean and safe to use. Compromising popular websites has become a common strategy for attackers to spread infection in a widespread fashion. Attackers exploit unpatched vulnerabilities present on web servers in order to compromise...

Beware of Spora – a professionally designed ransomware

  • 47
    Shares
 February 1, 2017

Estimated reading time: 4 minutes

Spora is a recent addition to the ransomware family that Quick Heal Lab has come across.  It is a file encryptor ransomware that encrypts a user’s files with strong encryption algorithm and demands a ransom. Spora is launched with a good infection routine, the capability to work offline, well-designed and...