Weather Zero

Weather Zero is an unwanted program with rather worrying capabilities

Weather Zero is a dropper-like unwanted program that disguises itself as a weather widget for Windows. It spreads as potentially unwanted software via bundling and can deliver malware to the target system. Its innocent looks lead many people to ignore it or to believe it is completely harmless, and thus to have little to no haste…

Bloom.exe

Bloom.exe is a process related to a malicious miner

Bloom.exe is a malicious miner that masquerades as a legitimate process. Its job is to use the victim’s device to mine cryptocurrency for threat actors. The most visible sign of its presence, aside from the process in the Task Manager, is the enormously high CPU load it causes. This effectively renders your system…

Trojan:Win32/Casdet!rfn

Trojan:Win32/Casdet!rfn is a pretty nasty thing. I recommend removing it as soon as possible.

Trojan:Win32/Casdet!rfn is a detection that indicates the possible presence of malware on your system. Users may encounter this detection after using pirated software or opening suspicious email attachments. In certain cases, Casdet may be a false positive detection. Casdet is a severe threat mainly used for reconnaissance and delivering other payloads to the device. It…

Trojan:Win32/Tnega!MSR

Trojan:Win32/Tnega!MSR may bring other malware to your system

Trojan:Win32/Tnega!MSR is a malicious program whose function is to deliver other malware. It uses numerous anti-detection tricks and is often distributed as mods and cheats for popular games. Such threats are capable of delivering spyware, ransomware and pretty much any other malware. Trojan:Win32/Tnega!MSR Overview: Trojan:Win32/Tnega!MSR is a Microsoft Defender detection that refers to malware that acts…

Virus:Win32/Grenam.VA!MSR

Virus:Win32/Grenam.VA!MSR is a detection for a backdoor-like malicious program

Virus:Win32/Grenam.VA!MSR is a type of malware that can stealthily get into the system and establish remote connections. It allows attackers to access the system and remotely perform keylogging and information-gathering functions. This malware usually spreads through fake software downloads and on compromised websites. Viruses like Grenam can be disguised as legitimate software. The specific capabilities…

Heuristic Virus

Heuristic Virus - What is it?

A heuristic virus is a term for malicious programs detected by heuristic analysis. This method flags potential threats by looking for abnormal activities, such as unusual network connections, file modifications, and process behavior. While heuristic detection can identify previously unknown malware, it is prone to false positives. What is a Heuristic Virus? A heuristic virus is…

Meduza Stealer

Meduza Stealer is a new malware sample that has a lot of reasons to become a prolific strain

The malware world evolves constantly, and it would be reckless to ignore newcomers and their potential. Meduza Stealer appears to be a pretty potent stealer variant with its unique features and marketing model. Additionally, this malware may be considered a forerunner of a new malware generation, one which breaks the old geolocation filtering rules. What…

How can an attacker execute malware through a script?

Script-Based Malware

Over the last four years, the share of script-based attacks among malware offenses worldwide has grown so drastically that it has raised alarms among security specialists and ordinary users alike. In this post, we shall examine script-based malware, assess its strengths and weaknesses, explain how the attacks happen, and suggest measures to maintain security in your workgroup…

PUABundler:Win32/CandyOpen (PUA OpenCandy)

CandyOpen is malware used to download unwanted software

PUABundler:Win32/CandyOpen (or OpenCandy) is an unwanted program that acts as a browser hijacker and can download junk apps to your system. Specifically, the detection refers to the OpenCandy adware, which is known for its shady behavior. Let’s break it down and see what PUABundler/CandyOpen looks like in a real-world example. What is PUABundler:Win32/CandyOpen? As…

Hellminer.exe Coin Miner

Hellminer.exe is a process related to a malicious miner

Hellminer.exe is a process you can see in the Task Manager that indicates malicious software activity. It stands out by the high CPU load it creates, making the system much less responsive. Let’s figure out what this process is, and how to get rid of it.