Estimated reading time: 5 minutes
Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the...
Estimated reading time: 4 minutes
Cryptocurrencies are all the vogue now. This has resulted in the emergence of increasing cryptocurrency mining activities. Several platforms make mining services available to users. One such platform that provides JavaScript cryptocurrency miners for websites is CoinHive. Recently, we have...
Estimated reading time: 4 minutes
In Jan 2018, Greenfield, Indiana-based Hancock Health (healthcare network) was attacked by SamSam ransomware. It encrypted the files containing patients’ data which disrupted their critical services. Even though SamSam is not a new ransomware, it has evolved over a...
Estimated reading time: 4 minutes
No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns...
Estimated reading time: 3 minutes
Cryptocurrencies like Bitcoin, Monero, Ethereum, Litecoin, and Tezos are in full swing. And they have exponentially increased cryptocurrency mining (or cryptomining) activities. Previously, cryptomining was carried out by powerful and dedicated mining hardware or by utilizing distributed computing because the entire process requires a lot of computation. However, there has been an observable change in the mining trends. Now,...
Estimated reading time: 3 minutes
Earlier we had blogged about how JAVA based jRAT malware were evolved in the recent times. At Quick Heal Security Labs, we are actively observing jRAT campaigns happening in the wild. These JAVA malware spread through phishing campaigns. While analyzing one such phishing campaign, we found...