Spam

New wave of Mal-Spam campaign attaching Disk Imaging Files

Estimated reading time: 6 minutes

For the past few months at Quick Heal Labs, we have been observing a sudden rise in spear-phishing mail carrying distinct file formats as attachments, such as IMG, ISO, etc. These new types of attachments are mainly used to deploy some well-known and older Remote Access Trojans. The subject of these emails...

Ako Ransomware targeting businesses using RaaS

Estimated reading time: 5 minutes

Quick Heal security researchers recently observed ransomware that uses RaaS (Ransomware as a Service), which is a subpart of MaaS (Malware as a Service). Before delving into the AKO ransomware or RaaS, one must understand what Malware as a Service means, as it is...

Beware! Email attachments can make you victim of spear phishing attacks

 June 21, 2019

Estimated reading time: 4 minutes

In the last few months, we’ve seen a sudden increase in Spear Phishing attacks. Spear phishing is a variation of a phishing scam wherein hackers send a targeted email to an individual which appears to be from a trusted source. In this type of attack, the attacker uses social engineering tricks and some...

GandCrab Riding Emotet’s Bus!

 February 15, 2019

Estimated reading time: 4 minutes

Emotet is known for constantly changing its payload and infection vectors, such as spam mail, malicious docs and even malicious JS files. It compromised a very high number of websites on the internet. The Emotet malware campaign has existed since 2014. It comes frequently in intervals with different techniques and variants to deliver malware...

GandCrab Ransomware along with Monero Miner and Spammer

 January 24, 2019

Estimated reading time: 6 minutes

Recently we saw a new campaign delivered through a spam mail attachment, a zip file. It contains a JavaScript file which delivers a bundle of GandCrab Ransomware, a Monero miner and a Spammer. This bundle of multiple malware variants is nothing new; it is common for ransomware to be paired with a miner and a spammer. This type...

GandCrab says, “We will become back very soon! ;)”

 December 18, 2018

Estimated reading time: 5 minutes

GandCrab has been in the wild since the last week of January 2018. Over that period it kept learning from its mistakes, and GandCrab’s agile development grabbed the attention of many security researchers. From moving its servers to Namecoin powered Top Level Domain (.BIT TLD) servers after the first breach, then learning from...

Ghost Has Arrived

 December 14, 2018

Estimated reading time: 5 minutes

On the back of an upswing in ransomware activity, we decided to carry out an in-depth analysis of Ghost Ransomware. An interesting fact about this malware is that it uses multiple components to encrypt user files. Technical Analysis: The main malware executable (Ghost.exe) is compiled using the DotNet Framework. The infection...

Sophisticated Ransomware : “Katyusha”

 December 14, 2018

Estimated reading time: 6 minutes

For several months, Quick Heal Security Labs has been observing an increase in ransomware. We have found one more interesting ransomware which encrypts files, adds the extension “.katyusha”, demands an amount of 0.5 btc within three days, and threatens to release the data to public download if the ransom is not...

Emerging trend of spreading malware through IQY files

 October 3, 2018

Estimated reading time: 4 minutes

Nowadays attackers are searching for new techniques to spread malware. Recently we came across a new, emerging way to deliver malware through IQY files. Until now we had seen malware spread through various file types and chains such as Word documents, scripts and JAVA files. Fig 1: Attack chain IQY file...

Beware of the ‘Free Cycle Distribution Yojana’ WhatsApp message. It’s fake!

 July 30, 2018

Estimated reading time: 3 minutes

As India’s Independence Day (15th of August) approaches, messages about free distribution schemes are doing the rounds on WhatsApp. Just recently, Quick Heal Security Labs detected a widespread circulation of one such message claiming that the Indian government will distribute free cycles to students on Independence Day, under the Free...