Estimated reading time: 5 minutes
Zloader aka Terdot – a variant of the infamous Zeus banking malware is well known for aggressively using “.xls”, “.xlsx” documents as its initial vector to deliver its payload. Despite this, recently we have come across “.docm” file which...
Estimated reading time: 2 minutes
Whaling attacks are a deadly combination of spear-phishing and social engineering. Like phishing attacks, the attempts of the perpetrators are similar – to get a target to reveal confidential data or even get tricked and send money. But whaling...
Estimated reading time: 2 minutes
Supply chains and industrial enterprises are being targeted through a series of ongoing spear-phishing attacks. This recent campaign, observed on systems within Germany, United States and Japan thus far, operates through the obfuscation of malware on public, legitimate sources....
Estimated reading time: 5 minutes
Summary Quick Heal Security Labs has observed a new malspam campaign that is targeting Manufacturing and Export industries in India. In this campaign, malware actors are making use of multiple sophisticated techniques to bypass defence mechanisms. In our analysis,...
Estimated reading time: 5 minutes
Quick Heal Labs have been tracking this Cyber-espionage operation since 2016. We have identified this attack as operation m_project. From the past year, we have seen a surge in these APT activities. Modus operandi of the attackers have remained...
Estimated reading time: 5 minutes
Use of Phishing emails is not new for cyber-attack and is still one of the classic strategies to compromise a victim’s machine. Cyber criminals lure victims to open email attachments (mostly Doc and XLS files) by faking them to...
Estimated reading time: 4 minutes
In the last few months, we’ve seen a sudden increase in Spear Phishing attacks. Spear phishing is a variation of a phishing scam wherein hackers send a targeted email to an individual which appears to be from a trusted source. In...
Estimated reading time: 11 minutes
In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan but this blog will shed light on how it has also become a “threat distributor”. We will also discuss server-side and client-side activity and...
Estimated reading time: 6 minutes
Cyber-attacks through phishing emails are increasing and generally, attackers use DOC embedded macros to infiltrate victim’s machine. Recently Quick Heal Security Labs came across a Phishing e-mail sample which uses Microsoft’s equation editor exploit to spread Hawkeye keylogger. Cybercriminals...
Estimated reading time: 4 minutes
Nowadays attackers are searching for new techniques to spread malware, recently we came across a new emerging way to deliver malware through IQY file. Till now we had seen spread of malware through various file types and chains such as...