In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan but this blog will shed light on how it has also become a “threat distributor”. We will also discuss server-side and client-side activity and how it spreads. Its self-propagation makes it all the more challenging for security vendors to detect […]
As a normal user we receive multiple emails on a daily basis with PDF as an attachment. Recently, at Quick-Heal Security Lab, we observed a malicious PDF file sent to users as an attachment via a phishing mail. These PDF files look like a regular document but that’s not the truth. It looks locked out […]
Quick Heal Security Lab has spotted few FakeApps with more than 50,000+ installations on Google Play Store. These applications appear to be genuine as a PDF reader, PDF Downloader, PDF Scanner etc., but don’t have such functionality. The main purpose of these apps is to increase the download count of other applications and improve their […]
GandCrab has been in the wild since the last week of January 2018. Over the period it kept learning from its mistakes and GandCrab’s agile development grabbed the attention of many security researchers. From moving its servers to Namecoin-powered Top Level Domain (.BIT TLD) servers after the first breach, then learning from silly mistakes of […]
Planning a trip this holiday season? While, you spend a considerable amount of time shuffling money on online bookings for flights, hotels, and cabs, take care that you DO NOT share your details on doubtful-looking travel sites. Just like holidays are a busy time for you and me, it’s an equally busy time for hackers, […]
On the back of an upswing in Ransomware activity, we decided to carry out an in-depth analysis of Ghost Ransomware. Interesting fact about this malware is that it uses multiple components to encrypt user files. Technical Analysis : Main malware executable (Ghost.exe) is compiled using the DotNet Framework. The infection vector of this ransomware is […]
For several months, Quick Heal Security Labs has been observing an increase in ransomware, we have found one more interesting ransomware which encrypts files and adds extension “.katyusha” and demands for an amount of 0.5 btc within three days and threatens to release the data to public download if the ransom is not paid. Malware is bundled with […]
The recent zero-day vulnerability CVE-2018-15982 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-42 on December 5, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in targeted attacks. Vulnerable Versions Adobe Flash Player 31.0.0.153 and earlier […]
You are at your computer, engaged in some important work and suddenly a message pops up on the screen, “Your Antivirus software license has expired”. You conveniently choose to ignore the notification, intending to get back to it whenever you get free, but, you never do! What Happens when Antivirus Licence Expires Using Antivirus program […]
As holiday shoppers gear up for a shopping spree on Black Friday and Cyber Monday, it’s important to be on alert to protect yourself from getting scammed. Here are few tips to help you enjoy a carefree and scam free holiday shopping season: Do not get tricked by similar looking websites and brand URLs […]