Notification
Latest News

Quick Bytes: Top 5 Cyber News of the

Feb 14, 2024

MedusaLocker Ransomware: An In-Depth Technical Analysis and Prevention

Oct 13, 2023

Quick Heal v24, and What’s New About It?

Oct 12, 2023

The Human Factor: Why User Education is Critical

Jun 23, 2023

Quick Bytes: Top 5...

MedusaLocker Ransomware: An In-Depth...

Quick Heal v24, and...

The Human Factor: Why...

Antivirus Security and the...

THE PERILS OF RANSOMWARE...

Home Sites > US > Security > Alert! Ransomware is Being Spread through the Ammyy Admin Website
#Security

Alert! Ransomware is Being Spread through the Ammyy Admin Website

  • Sakshat Karkare / 9 years
  • September 14, 2016
  • 104
  • 2 min read

This is a precautionary advisory for users who frequently visit the website of the popular remote desktop sharing software called Ammyy Admin.

Quick Heal Labs has observed that a new variant of the Cerber3 Ransomware is being spread through the Ammyy Admin software on the official Ammyy Admin website. This news, however, is not surprising as this website has been found to host malware on several other instances. In a previous case, the website was found to spread the notorious Cryptowall 4.0 Ransomware.

ammyy

Fig 1 Ammyy Admin official website

The Quick Heal Threat Research and Response Team recently observed increased cases of Cerber ransomware infections wherein the victims had downloaded and run the Ammyy Admin software from the original website. And our analysis of the malware found these observations to be true.

A technical analysis of the ransomware is available in this downloadable PDF.

PDF icon

 

 

 

How Quick Heal helps
Quick Heal Web Security feature proactively detects and blocks websites on the basis of their malicious reputation and inconsistency in delivering actual applications.

How to Stay Safe from the Cerber Ransomware?
• Avoid visiting the Ammyy Admin website.
• Remove the Ammyy Admin software if you have it on your computer.
• Do not respond to unknown or unwanted emails that urge you to click on links or download attachments, no matter how urgent such emails might sound.
• Run an antivirus software that detects and blocks infected websites and emails with malicious content.
• Take regular backups of your important files. Remember to disconnect the Internet when you are backing up on a hard drive. Unplug the drive before you go online again.
• Apply all recommended security updates (patches) to your Operating System, programs like Adobe, Java, Internet Browsers, etc. These updates fix security weaknesses in these programs and prevent malware from exploiting them.

 

ACKNOWLEDGMENT

Subject Matter Experts
• Shantanu Vichare
• Dipali Zure
– Threat Research and Response Team

Alert! Ransomware is Being Spread through the Ammyy Admin Website

Be Careful of the KMSPico Activator –

Sakshat Karkare
September 28, 2016
Alert! Ransomware is Being Spread through the Ammyy Admin Website

Update your Quick Heal Total Security App

Sakshat Karkare
September 28, 2016

Leave a comment

Your email address will not be published. Required fields are marked *