PREVIOUS
PREVIOUS
  • ANDROIDOS_STEALERC32

    This malware is a variant of a VMAP, a mobile component of targeted attacks which affected various sectors in the Middle East. It is capable of searching and extracting information from affected units, record calls, locating devices via geolocation, and downloading and installing other applications.
    Read more   

  • RANSOM_CRYPTOQKG.A

    Dubbed as qkG, this file-encrypting ransomware is written entirely in Visual Basics for Applications (VBA) macros. This is rare considering ransomware families that use malicious macros to download the malwareAfter this malware infects the normal.
    Read more   

  • RANSOM_BADRABBIT.SMA

    This ransomware known as Bad Rabbit infected systems belonging to several high profile companies in Ukraine and Russia. It arrives via watering hole attack on compromised websites.
    Read more   

  • RANSOM_BADRABBIT.A

    This ransomware, also known as Bad Rabbit, reportedly spread to networks of some high profile companies located in Ukraine and Russia. It spreads via network shares.
    Read more   

  • WORM_RETADUP.D

    This malware is one of the variants/components of RETADUP malware discovered on September 2017 to be hitting users in South America for purposes of cryptocurrency mining. Users infected by this malware may find malicous behaviors being exhibited upon their system.
    Read more   

  • TROJ_MALEPS.B

    This malware is associated with attacks involving malicious attachments for Hangul Word Processor (HWP). In the attack, PostScript is used to gain access to a victim's machine.
    Read more   

  • TROJ_HWDOOR.B

    This malware is associated with the attacks against the word processing application Hangul Word Processor (HWP), which is able to run PostScript code. The attacks do not involve actual exploits, the attackers instead abuse a feature of PostScript.
    Read more   

  • TROJ_HWDOOR.A

    This malware is associated with the attacks against the word processing application Hangul Word Processor (HWP), which is able to run PostScript code. The attacks do not involve actual exploits, the attackers instead abuse a feature of PostScript.
    Read more   

  • TSPY_EMOTET.AUSJLA

    This information stealing malware arrives as spam spoofing an invoice or payment notification. If the user clicks the URL in the email, it executes a PowerShell command that downloads EMOTET.
    Read more   

  • TSPY_EMOTET.AUSJKV

    This information stealing malware arrives as spam spoofing an invoice or payment notification. If the user clicks the URL in the email, it executes a PowerShell command that downloads EMOTET.
    Read more   

PREVIOUS
PREVIOUS