Blog

Ransomware

WannaCry’s Never Say Die Attitude Keeps It Going!

  • 18
    Shares
 June 22, 2017

Estimated reading time: 3 minutes

Over the past few months, the cybersecurity world was at buzz due to the infamous WannaCry ransomware attack. The attack was launched on a massive scale. The campaign started after the disclosure of NSA exploit leak by a hacker group called Shadow Brokers. Taking advantage of unpatched systems all over...

WannaCry Ransomware Recap: Some important facts you need to know

  • 82
    Shares
 May 24, 2017

Estimated reading time: 3 minutes

Ransomware is a malware that locks your computer making it inaccessible or it encrypts your data. It then demands you to pay a ransom for unlocking the computer or decrypting the data. This post talks about the file encrypting ransomware called WannaCry – the biggest ransomware attack in history! 1....

MS17-010 – Windows SMB server exploitation leads to ransomware outbreak

  • 23
    Shares
 May 13, 2017

Estimated reading time: 2 minutes

The Microsoft Windows SMB (Server Message Block) is being actively exploited in the wild, post the Shadow Brokers (TSB) leak in April 2017. According to Microsoft’s blog, the exploits were already covered in previously released security bulletins. The Shadow Broker exploits named ‘EternalBlue’ and ‘EternalRomance’ and ‘EternalSynergy’ are addressed by...

WannaCry Ransomware Creating Havoc Worldwide by Exploiting Patched Windows Exploit!

  • 709
    Shares
 May 13, 2017

Estimated reading time: 3 minutes

Ransomware are causing major disruptions in recent years. Recently leaked dump of NSA EternalBlue exploit is used by cybercriminals to spread WannaCry ransomware worldwide. Dump of MS-17-010 Windows OS Vulnerability was made public by the notorious Shadow Broker group on 14th April, 2017. This vulnerability affects most of the desktop...

Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware

  • 41
    Shares
 March 23, 2017

Estimated reading time: 3 minutes

Update: The incident has been taken care of by Cosmos Bank and its website (URL) is now clean and safe to use. Compromising popular websites has become a common strategy for attackers to spread infection in a widespread fashion. Attackers exploit unpatched vulnerabilities present on web servers in order to compromise...

Beware of Spora – a professionally designed ransomware

  • 47
    Shares
 February 1, 2017

Estimated reading time: 4 minutes

Spora is a recent addition to the ransomware family that Quick Heal Lab has come across.  It is a file encryptor ransomware that encrypts a user’s files with strong encryption algorithm and demands a ransom. Spora is launched with a good infection routine, the capability to work offline, well-designed and...

The Remote Desktop Protocol Vulnerability – ‘CVE-2012-0002’ is not dead yet!

  • 22
    Shares
 December 13, 2016

Estimated reading time: 2 minutes

On March 13, 2012, Microsoft disclosed the details of a ‘critical vulnerability’ called Remote Desktop Protocol Vulnerability – CVE-2012-0002 in its bulletin. And even four years after this vulnerability was patched, it is still being exploited in the wild by attackers to carry out ‘Remote Code Execution’ on their victims...

Ransoc – An unusual ransomware that threatens to expose your personal information

  • 194
    Shares
 November 28, 2016
Ransoc_ransomware

Estimated reading time: 2 minutes

Mostly a ransomware encrypts your files and demands money in exchange for a key that can decrypt the data. And the payment is demanded in Bitcoins. Ransoc is different in the way it works and the medium it uses for the payment. How does Ransoc work? Once your computer is...

Alert! A Fake Flash Player Website is Spreading Locky Ransomware

  • 49
    Shares
 November 23, 2016

Estimated reading time: 3 minutes

The Locky ransomware, like all other ransomware, encrypts user data and demands a hefty ransom in exchange for the key that decrypts the data. A variant of this ransomware called ‘thor’ was recently found being distributed via a fake ‘Flash Player Update’ downloading website that goes by the name ‘fleshupdate.com’....

5 Compelling Reasons Not to Pay Ransom to Hackers

  • 34
    Shares
 November 11, 2016
5-compelling-reasons-not-pay-ransomware-attack

Estimated reading time: 3 minutes

Unless you’ve been living under a rock, you would know what a ransomware is and why are computer security folks constantly speaking about it. To put things into context, ransomware is a malicious software that locks your computer or encrypts the files stored in it. It then demands a ransom...