Proactive Measures to Safeguard against the Ransomware Menace

  Ransomware is sophisticated malware that infects computing devices and holds the data hostage in order to extort money from its victims. Ransomware uses encryption techniques that render the victim’s data unusable. Ransomware attacks have evolved with time, and the encryption techniques used to harm victims have also become sophisticated and are often challenging to break. […]

Are Malware operators using NSIS Installers to bombard Stealers and avoid detection?

  Threat actors have been using new techniques to hide their code and avoid detection. A recent trend is the use of NSIS (Nullsoft Scriptable Install System), an open-source installer that can bundle various files together. In the past, malware attackers have used this NSIS-based crypter to hide themselves. This […]

PowerShell: An Attacker’s Paradise

  PowerShell was originally intended as a task automation and configuration management program for system administrators. However, it didn’t take long for attackers to realize its potential for carrying out offensive operations without being detected. Due to PowerShell’s versatility, it can be seen in all stages of attacks, from initial infection vectors; used in macros […]

Cobalt Strike 2021 – Analysis of Malicious PowerShell Attack Framework

Cobalt Strike is a widespread threat emulation tool. It has been one of the most powerful network attack tools available to penetration testers in the last few years, used for various attack capabilities and as a command and control framework. Recently, Cobalt Strike has been used in various ransomware campaigns like Povlsomware Ransomware and DarkSide Ransomware. Povlsomware […]

Ransomware As A Tool – LockerGoga

Ransomware authors keep experimenting with payload development in various dimensions. In the timeline of ransomware implementations, we have seen its evolution from a simple screen locker to a multi-component model for file encryption, from a novice approach to a sophisticated one. Ransomware as a Tool has evolved in the wild and one of them has […]

Anatova, A modular ransomware

While everyone was engaged in new year celebrations, malware authors were busy creating new ransomware for 2019. Quick Heal Security Labs has observed the first ransomware of 2019 — Anatova. During our analysis, we found that Anatova is not just ransomware but a modular one. By modular ransomware we mean, though the main activity of […]

Mongolock Ransomware deletes files and targets databases

Ransomware has become one of the most dangerous cyber-attack methods because of the different techniques it uses to encrypt files and evade detection by security software to earn money. At times, it is not limited to encrypting users’ files but also deletes files and formats the local disk drives. Recently, Quick […]

A new ransomware campaign in the wild, Ryuk!!

Recently, Quick Heal Security Labs observed a new destructive ransomware named ‘Ryuk Ransomware’. This ransomware campaign has already affected many users worldwide and seems to be a spear phishing attack. Notably, it encrypts victim files without appending any extension, yet makes the files unreadable. Ryuk uses robust military algorithms such as ‘RSA4096’ and ‘AES-256’ […]