WannaCry Ransomware Creating Havoc Worldwide by Exploiting Patched Windows Exploit!

  • 709
 May 13, 2017

Estimated reading time: 3 minutes

Ransomware are causing major disruptions in recent years. Recently leaked dump of NSA EternalBlue exploit is used by cybercriminals to spread WannaCry ransomware worldwide. Dump of MS-17-010 Windows OS Vulnerability was made public by the notorious Shadow Broker group on 14th April, 2017. This vulnerability affects most of the desktop...

Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware

  • 41
 March 23, 2017

Estimated reading time: 3 minutes

Update: The incident has been taken care of by Cosmos Bank and its website (URL) is now clean and safe to use. Compromising popular websites has become a common strategy for attackers to spread infection in a widespread fashion. Attackers exploit unpatched vulnerabilities present on web servers in order to compromise...

Beware of Spora – a professionally designed ransomware

  • 47
 February 1, 2017

Estimated reading time: 4 minutes

Spora is a recent addition to the ransomware family that Quick Heal Lab has come across.  It is a file encryptor ransomware that encrypts a user’s files with strong encryption algorithm and demands a ransom. Spora is launched with a good infection routine, the capability to work offline, well-designed and...

Ransoc – An unusual ransomware that threatens to expose your personal information

  • 194
 November 28, 2016

Estimated reading time: 2 minutes

Mostly a ransomware encrypts your files and demands money in exchange for a key that can decrypt the data. And the payment is demanded in Bitcoins. Ransoc is different in the way it works and the medium it uses for the payment. How does Ransoc work? Once your computer is...

Alert! A Fake Flash Player Website is Spreading Locky Ransomware

  • 49
 November 23, 2016

Estimated reading time: 3 minutes

The Locky ransomware, like all other ransomware, encrypts user data and demands a hefty ransom in exchange for the key that decrypts the data. A variant of this ransomware called ‘thor’ was recently found being distributed via a fake ‘Flash Player Update’ downloading website that goes by the name ‘’....

5 Compelling Reasons Not to Pay Ransom to Hackers

  • 34
 November 11, 2016

Estimated reading time: 3 minutes

Unless you’ve been living under a rock, you would know what a ransomware is and why are computer security folks constantly speaking about it. To put things into context, ransomware is a malicious software that locks your computer or encrypts the files stored in it. It then demands a ransom...

Alert! Ransomware is Being Spread through the Ammyy Admin Website

  • 236
 September 14, 2016

Estimated reading time: 2 minutes

This is a precautionary advisory for users who frequently visit the website of the popular remote desktop sharing software called Ammyy Admin. Quick Heal Labs has observed that a new variant of the Cerber3 Ransomware is being spread through the Ammyy Admin software on the official Ammyy Admin website. This...

Be Careful of the KMSPico Activator – It could be a Ransomware!

  • 2
 September 12, 2016

Estimated reading time: 1 minute

If you are using KMSPico Activator for activating your Windows or MS Office, then you could be risking yourself to a ransomware infection. Quick Heal Threat Research Labs has recently observed a new variant of ransomware called Domino that is using this activator as a carrier. The malware encrypts the...

How to Recover Files After a Ransomware Attack?

  • 4
 August 17, 2016
Recover data after a ransomware attack

Estimated reading time: 2 minutes

What if you know your data is securely backed up when a ransomware strikes and you don’t have to worry about recovering your files? The Backup and Restore feature of Quick Heal helps you achieve this. What is a Ransomware? Ransomware is a malware that either locks an infected computer...