Table of Contents
1. IoT Malware Attacks Increase to a Shocking Number
2. CDPwn (Added in February 2020)
3. Nasty WinRAR Code Execution Bug Is a Dangerous Malware (Added in February 2020)
4. ShadowHammer – Fake Asus Updates leads to Supply Chain Attack (Added in February 2020)
5. Gustuff – New Android Banking Trojan
6. Emotet Malware
7. Ryuk Ransomware
8. Cyborg Ransomware
9. CryptoMix Clop Ransomware
10. B0r0nt0k Ransomware
11. Yatron Ransomware
12. Astaroth Trojan:
13. GoBrut:
14. Jokeroo:
15. Gandcrab Ransomware
16. Trojan Glupteba
17. Kuik Adware
18. Magniber Ransomware
19. Thanatos Ransomware
20. Trojan Panda Banker / Zeus Panda
Malicious and Dangerous Computer Viruses You Cannot Overlook
Each year is a bumper year for cybercrime. Using the latest techniques and malicious computer viruses, hackers are targeting more devices. More than 30 billion threats have been blocked, yet a new and dangerous virus emerges every day.
Therefore, it is necessary to keep ourselves updated about the deadliest computer viruses and stay safe. Computer viruses & dangerous malware like:
These are examples of the latest computer viruses, trojan horses, worms and malware in the everyday cyber threat landscape.
So, today, in this article, we will talk about these computer viruses and how to stay safe from malicious and recent computer viruses.
Preventive Measures to Stay Secure From A Computer Virus Attack
The obvious answer is to use the best, up-to-date anti-virus capable of detecting the latest computer viruses. In addition, using a data recovery wizard tool like EaseUS is also recommended. This tool helps recover files deleted by a computer virus, an example of which was seen during the WannaCry attack. People who were using EaseUS were able to recover files even when their system was attacked. Hence we recommend using it along with the best anti-malware software.
Top 20 Latest Computer Viruses & Malware Threats – 2020
1. IoT Malware Attacks Increase to a Shocking Number
In recent years, IoT has gained popularity for its ease of use, but at the same time it is surrounded by controversy for its lack of a built-in firewall. Most IoT devices fail to provide options to change the default username, thereby making devices an easy target for hackers. As a result, a 217.5% increase has been noticed in attacks targeting IoT devices. Therefore, if you plan to invest in an IoT device, we suggest looking at its safety measures. The most common security threats for IoT devices involve hijacking, leaks, home intrusions, etc.
2. CDPwn (Added in February 2020)
Security Threats for Tens of Millions of Network Devices
Don’t ignore this: five high-rated Cisco vulnerabilities, labeled CDPwn. When exploited by an attacker, these four remote code execution vulnerabilities and one denial-of-service vulnerability allow threat actors to take full control over all the Cisco devices.
The vulnerabilities are: CVE-2020-3119, a stack overflow vulnerability; CVE-2020-3118, a format string vulnerability; CVE-2020-3111, a stack overflow vulnerability in the parsing function; CVE-2020-3110, a heap overflow vulnerability in the Cisco 8000 series IP camera; and CVE-2020-3120, the denial-of-service vulnerability.
3. Nasty WinRAR Code Execution Bug Is a Dangerous Malware (Added in February 2020)
WinRAR is a Windows file compression program used by over 500 million users across the globe. Recently security experts disclosed a nasty code execution vulnerability in WinRAR. This means attackers can use a compressed file to secretly install malicious applications on the Windows machine. The vulnerability is the result of an absolute path traversal flaw in UNACEV.DLL, a third-party code library that has not been updated for a long time.
A recent example of an exploit since the vulnerability was discovered piggybacked on a bootlegged copy of Ariana Grande’s hit album Thank U, Next, with the file name ‘Ariana_Grande-thank_u,_next(2019)_.rar’.
Therefore, to stay protected we suggest updating WinRAR manually, as it is not updated automatically.
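The flaw class described above comes down to an extractor trusting the path stored inside the archive. The following added example (not code from WinRAR or from this article) shows the check an extractor or mail gateway can run on entry names before writing anything. It uses a constructed ZIP archive because Python has no ACE support, and the destination directory and sample names are assumptions.

```python
import io
import ntpath
import posixpath
import zipfile

# Constructed entry names: two normal files and three that try to leave the target directory.
SAMPLE_NAMES = [
    "album/01-track.mp3",
    "album/cover.jpg",
    "../outside.txt",
    "C:\\Temp\\dropped.bin",
    "/tmp/outside.txt",
]


def unsafe_reason(name, dest="/srv/extract"):
    """Return why an archive entry name is unsafe to extract, or None if it is fine.

    `dest` is a hypothetical extraction directory used for the containment check.
    """
    norm = name.replace("\\", "/")
    # Absolute targets: POSIX root, UNC share, or a Windows drive letter.
    if norm.startswith("/") or ntpath.splitdrive(name)[0]:
        return "absolute path"
    # Relative names that climb out of the destination.
    if ".." in norm.split("/"):
        return "parent-directory traversal"
    # Final containment check on the normalised target path.
    target = posixpath.normpath(posixpath.join(dest, norm))
    if not target.startswith(dest.rstrip("/") + "/"):
        return "escapes destination"
    return None


def audit_zip(data):
    """List (entry name, reason) for every entry that must not be extracted as named."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [(n, r) for n in zf.namelist() if (r := unsafe_reason(n))]


def build_sample():
    """Build the constructed test archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in SAMPLE_NAMES:
            zf.writestr(name, b"constructed test data")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_zip(build_sample()):
        print(f"REJECT {name!r}: {reason}")
```

Rejecting the whole archive on the first finding is the safer policy, since a legitimate archive has no reason to carry such names.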
4. ShadowHammer – Fake Asus Updates leads to Supply Chain Attack (Added in February 2020)
Asus computer users were recently attacked using compromised update software. This means attackers were able to modify the Asus Live Update Utility used to deliver firmware and software updates. Confused?
Let me explain in simple terms: threat actors used Asus’s own servers to deliver malware via a backdoor dubbed ShadowHammer. Although the malware attack targeted specific users, this doesn’t mean you are safe. The malware was distributed to over 1 million people.
5. Gustuff – New Android Banking Trojan
It’s not only malware that is dangerous; trojans are also gaining popularity. A new Android banking trojan dubbed Gustuff is spreading. This Android banking trojan targets cryptocurrency apps and known banks like Bank of America, Bank of Scotland, etc.
This latest and dangerous malware uses social engineering to trick users into granting access to the Android Accessibility service, a feature meant for users with disabilities that can automate UI interaction on the user’s behalf.
6. Emotet Malware
With each passing day, hackers are becoming smarter. Now, instead of sending their usual emails, they are taking advantage of the fear over the coronavirus outbreak.
A recent security report found that hackers are sending spam emails to potential victims in Japan. The email claims to provide information about coronavirus, the deadliest virus that continues to stir widespread fears.
Once the document is downloaded and opened, a series of commands is launched that downloads the Emotet malware. Earlier Emotet emails focused on corporate-style payment notifications, but this time, due to the wide impact of coronavirus, Emotet is exploiting it.
- Avoid clicking or opening links in emails directly.
- Type in the main URL in the browser or search brand via a known search engine.
- Ensure anti-virus is updated.
- Block all URL and IP based IOCs at the firewall to remediate this threat.
- Keep applications and operating systems updated.
7. Ryuk Ransomware
Since August 2018 this nasty ransomware has been targeting large organizations to extract high ransoms in return for data. This latest malicious computer virus is used to target enterprise environments and is derived from the source code of Hermes.
It is distributed either via spam mail or through the use of Emotet. The ransom note of Ryuk is written to a file named RyukReadMe.txt, and it is unique for each compiled executable.
Ryuk ransomware encrypts files using RA-248 and AES-256. It stores keys in the executable using the proprietary Microsoft format and uses a file marker of HERMES to check if a file is encrypted.
8. Cyborg Ransomware
PC Cyborg, also known as the AIDS (Aids Info Disk) Trojan, is the first-ever ransomware, introduced through a floppy disk. This is why it is called AIDS. This trojan horse virus replaces AUTOEXEC.BAT, which is then used to count the number of times a computer is booted.
Recently a variant of this ransomware, known as Cyborg, was found in a fake Windows 10 November update. Hackers are using Cyborg ransomware to encrypt victims’ files and ask them to pay the ransom.
It is distributed as an attachment with a .jpg extension that is actually an executable file. Once the victim clicks on it, the bitcoingenerator.exe file is downloaded from misterbtc2020, a Github account that is not deactivated. The ransomware then encrypts files and shows a ransom note, “Cyborg_DECRYPT.txt”, informing victims about the act and asking for ransom.
Cyborg ransomware, a malicious computer virus, can be created and spread by anyone who gets the builder. Not only this, attackers can craft this ransomware to use a known ransomware extension.
Currently, there’s no way to deal with Cyborg ransomware.
9. CryptoMix Clop Ransomware
This recent variant of CryptoMix Clop ransomware targets a complete network instead of individual machines. The new variant was discovered around the end of Feb 2019 and was found equipped with more email addresses than the older CryptoMix Clop variant.
Once executed, CryptoMix Clop starts terminating different Windows services and processes, which disables anti-virus running on the Windows machine. In addition, this ransomware encrypts the victim’s files and changes the extension to .Clop. Once all this is done, a ransom note informing the victim about the attack is displayed.
Currently, there is no means to decrypt the files encrypted by CryptoMix Clop for free.
10. B0r0nt0k Ransomware
Ransomware comes in different types but, as we all know, they are designed for monetary purposes. Ransomware can spread via various methods, such as malicious software, email attachments, external storage devices, and others.
The latest strain, known as B0r0nt0k ransomware, emerged on February 25th, 2019. It encrypts files on a Linux server and adds the extension .rontok to the encrypted files. Although B0r0nt0k crypto-ransomware is designed for Linux systems and websites, it works like the computer viruses designed for Windows. This computer virus, apart from affecting data, goes one step further as it makes changes to:
- Startup settings
- Registry entries
- File or programs
To decrypt files, the attacker demands 20 Bitcoin, to be paid within three days from the day of the attack. If the victim fails to do so, the attacker deletes the data permanently. Moreover, this cryptovirus is considered dangerous as it can disable security tools.
- Take regular data backup
- Apply latest security patch
- Use intrusion prevention services to block application exploits
11. Yatron Ransomware
The latest Ransomware-as-a-Service, called Yatron, is being promoted on Twitter these days. This computer virus works like other ransomware and encrypts targeted files. It spreads to other computers via the EternalBlue and DoublePulsar exploits. Not only this, Yatron Ransomware tries to delete encrypted files if the victim fails to make payment within 72 hours.
Apart from exploiting these weaknesses, Yatron ransomware will try to spread through P2P programs by copying the ransomware executable to their default folders.
- Always keep a backup of important files
- Avoid enabling macros in attachments received
- Do not download unsolicited attachments
- Use admin account only when necessary
12. Astaroth Trojan:
First emerged in 2017, this latest computer virus has already targeted over 8000 systems. It is being used in spam campaigns across Europe and Brazil. This computer trojan spreads through .7zip file attachments and malicious links. Astaroth Trojan targets antivirus tools to steal usernames and passwords.
- Use 2-FA to add an extra layer of security to your machine
- Keep your machine and security tools updated
- Run the latest firewall and dedicated Internet security tool
13. GoBrut:
GoBrut, the latest computer virus, is not technically sophisticated but can slow down the Internet and cause damage to thousands of computers. This malicious computer virus is Golang-based and uses brute force to spread itself on Windows and Linux machines.
This malware can exploit a number of vulnerabilities; websites that still use weak passwords are especially targeted. Not only this, StealthWorker malware is also capable of updating itself.
- Use strong and complicated passwords
- Use progressive delays
- Use challenge-response tests to prevent automated submissions
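"Use progressive delays" in the list above means that each failed login makes the next attempt wait longer, which turns a password-guessing burst into a handful of real checks. The following added example (not from the article) implements one such policy; the doubling schedule, the 1 second base, the 900 second cap and the account-plus-source key are assumptions.

```python
import time


class LoginThrottle:
    """Per-key progressive delay: every consecutive failure doubles the wait."""

    def __init__(self, base=1.0, cap=900.0):
        self.base = base   # delay after the first failure, in seconds (assumed value)
        self.cap = cap     # upper bound on the delay, in seconds (assumed value)
        self._state = {}   # key -> (consecutive failures, time of next allowed attempt)

    def retry_after(self, key, now=None):
        """Seconds the caller must still wait; 0.0 means an attempt is allowed."""
        now = time.monotonic() if now is None else now
        return max(0.0, self._state.get(key, (0, 0.0))[1] - now)

    def record_failure(self, key, now=None):
        """Register a wrong password and return the delay now imposed on this key."""
        now = time.monotonic() if now is None else now
        failures = self._state.get(key, (0, 0.0))[0] + 1
        # Exponent is clamped so the float conversion cannot overflow.
        delay = min(self.cap, self.base * 2 ** min(failures - 1, 32))
        self._state[key] = (failures, now + delay)
        return delay

    def record_success(self, key):
        """A correct login clears the failure history for this key."""
        self._state.pop(key, None)


def replay(attempts, throttle):
    """Replay (timestamp, key, password_ok) tuples and return the decision for each."""
    decisions = []
    for ts, key, password_ok in attempts:
        if throttle.retry_after(key, ts) > 0:
            decisions.append("throttled")   # rejected before the password is checked
        elif password_ok:
            throttle.record_success(key)
            decisions.append("ok")
        else:
            throttle.record_failure(key, ts)
            decisions.append("failed")
    return decisions


# Constructed burst: one wrong guess per second against one account from one source.
# Keying on (account, source) is an assumption; keying on the account alone would
# let anyone lock a real user out by guessing badly on purpose.
KEY = ("admin", "203.0.113.7")
BURST = [(float(t), KEY, False) for t in range(10)]

if __name__ == "__main__":
    print(replay(BURST, LoginThrottle()))
```

Against the constructed burst only four of the ten guesses reach the password check, and the fifth would have to wait until second 15.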
14. Jokeroo:
This recent computer virus also works as Ransomware-as-a-Service and it is being promoted on Twitter via underground hacking sites. This computer virus threat allows affiliates to gain access to a functional ransomware and payment server. Jokeroo started promoting itself as a Gandcrab Ransomware on Exploit.in.
- Practice safe browsing
- Update operating system and security applications
- Regular backup of files and other important data
15. Gandcrab Ransomware
It is one of the most current computer viruses. Gandcrab ransomware spreads through malvertisements, explicit websites, or spam emails, which lead the user to a Rig Exploit Kit page or GrandSoft EK page. Through these pages, Gandcrab makes its entry into users’ systems and devices.
Once this malicious ransomware is active on the system, it starts to gather the user’s information such as username, keyboard type, presence of antivirus, IP, OS version, current Windows version, etc. Gandcrab then makes its next move on the basis of the information collected: it kills all tasks and processes running on the system so that it can start encrypting the data and files present on the system.
It then generates public and private keys on the user’s system, which are forwarded to a C2 server hosted on a .bit domain.
As soon as the key is delivered, it starts encrypting with the generated public key and adds the ‘.GDCB’ extension to all encrypted files. After this, it drops a file on the user’s system containing a ransom message demanding payment in return for the decryption of the data. The name of the file with the ransom message is ‘GDCB-DECRYPT.txt’.
– Regular backup of important data and files.
– Update operating systems and applications.
– In case of attack, try using ransomware decryption tools.
16. Trojan Glupteba
This is one of the deadliest computer viruses and has several variants with different functionalities.
This trojan reaches the system through a file dropped by other malware or by exploit kits. It runs as a service and starts processes on the system that pretend to be legitimate software. Glupteba communicates directly with IP addresses and ports to collect the user’s information. It diverts traffic and users towards various unknown domains such as ostdownload.xyz, travelsreview.wo, rldbigdesign.website, sportpics.xyz, kinosport.top.
– Enable web and email filters.
– Restrict macros in Microsoft Office products.
– Practice safe browsing.
17. Kuik Adware
This is a malicious computer virus in the form of malware and adware dubbed ‘Kuik’. It masks itself as a legitimate Adobe Flash Player update.
This computer virus comes with three modules: a legitimate Flash Player, a certificate and an .exe file named ‘upp.exe’.
Once the virus enters the system, it communicates with all established network interfaces and adds the DNS 22.214.171.124.
After this, it starts collecting personal information and data from the user’s system and forwards it to the hosting domain ‘kuikdelivery.com’. As soon as the information reaches the domain server, it activates various other malicious tasks on the system, including Chrome extensions from unknown sources, coin miners, etc.
– Regular backup of important data and files.
– Enable authentic antivirus and anti-spyware.
– Restrict from spam emails and also from attachments of file types,
18. Magniber Ransomware
This latest computer virus is most active in Asian countries. Magniber is spread through malvertisements and infected websites that redirect the user to the Magnitude exploit kit page. Magnitude is the longest-serving malicious browser toolkit that is still in use to distribute ransomware.
As soon as Magniber enters the system, it starts encrypting data and files using a unique key. Once encrypted, it adds the .dyaaghemy extension to all the encrypted files.
– Regular backup of data and files.
– Update operating systems and applications.
– Block the file extensions such as,
19. Thanatos Ransomware
This is a new computer virus named ‘Thanatos’, which is distributed through malvertisements, spam emails with malicious attachments and file types, etc. It is very similar to the most famous computer virus, the ILOVEYOU computer virus.
The most complicated part is decrypting the data encrypted by this ransomware. This is because it generates different keys every time for encryption and does not save these keys anywhere, making recovery difficult.
It drops its payload on the user’s system in the form of an .exe file or .txt file, which is set to autorun and opens every time the system is restarted. This payload starts encrypting files and adds the ‘.thanatos’ extension to encrypted files. Soon, the user receives a ransom payment message on the system.
– Disable macros and Activex when using MS Office products.
– Keep a regular backup of data and files.
– Update operating systems and applications.
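The ransomware entries above name the file extensions and ransom-note files each family leaves behind. The following added example (not from the article) uses exactly those names to sweep a directory tree and group hits by family and by directory, which shows how far encryption got; the sample tree is constructed, and a name match is only a triage signal.

```python
import os

# Indicators copied from the article text above; matching is case-insensitive.
ENCRYPTED_EXT = {
    ".clop": "CryptoMix Clop",
    ".rontok": "B0r0nt0k",
    ".gdcb": "Gandcrab",
    ".dyaaghemy": "Magniber",
    ".thanatos": "Thanatos",
}
RANSOM_NOTES = {
    "ryukreadme.txt": "Ryuk",
    "cyborg_decrypt.txt": "Cyborg",
    "gdcb-decrypt.txt": "Gandcrab",
}


def scan(root):
    """Walk `root` and return {family: sorted relative paths of matching files}."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            lower = fname.lower()
            family = RANSOM_NOTES.get(lower) or ENCRYPTED_EXT.get(os.path.splitext(lower)[1])
            if family:
                rel = os.path.relpath(os.path.join(dirpath, fname), root)
                hits.setdefault(family, []).append(rel)
    return {family: sorted(paths) for family, paths in hits.items()}


def affected_dirs(hits):
    """Collapse scan() output to {directory: number of matching files}."""
    counts = {}
    for paths in hits.values():
        for rel in paths:
            d = os.path.dirname(rel) or "."
            counts[d] = counts.get(d, 0) + 1
    return counts


def build_sample_tree(root):
    """Create a small constructed tree with clean and indicator-named empty files."""
    names = [
        ("docs", "report.docx.GDCB"),
        ("docs", "GDCB-DECRYPT.txt"),
        ("docs", "notes.txt"),
        ("www", "index.php.rontok"),
        ("photos", "a.jpg"),
    ]
    for sub, fname in names:
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        open(os.path.join(root, sub, fname), "wb").close()


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        found = scan(tmp)
        print(found)
        print(affected_dirs(found))
```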
20. Trojan Panda Banker / Zeus Panda
This latest virus is nearly identical to the top computer virus, the Zeus banking trojan. This malware uses web injects to insert malicious code and steal users’ banking information and credentials.
It is mainly distributed through exploit kits, such as the Angler exploit kit, Nuclear exploit kit, and Neutrino exploit kit.
Besides exploit kits, this new computer virus is also spread through social networking sites, spam emails, and adult sites.
After getting installed on the system, this malicious computer virus starts searching for information such as antivirus, spyware, username, password, etc. This information is passed on to the C2 server. Once this is done, it starts to steal banking credentials, transaction information, and other information as well.
– Regular backup of important data and files.
– Update operating system and applications.
– Block attachments of file types,
Malicious and Dangerous Computer Viruses You Cannot Overlook
Ever witnessed a virus attack on your machine? If not, you may be interested to know about them and how they work. These threats, a.k.a. computer viruses, are very dangerous and they create havoc.
It’s always interesting to learn about something that is much talked about, and how a tiny piece of code can wreck your computer. In this article, we will discuss the most famous and malicious computer viruses ever seen.
Melissa was a mass-mailing macro virus created by David L. Smith in 1999. It targeted Microsoft Word and Outlook based systems through an infected Word document posted on the alt.sex Usenet group, making people curious enough to download and open the document, which ended up unleashing the payload.
The Melissa computer virus was capable of mailing itself to 50 people in the victim’s address book.
We have heard a lot about malware, viruses, and computer security threats. But there’s a new kid playing around, known as Ransomware. Some of us know what it is, but many are still unaware of the way ransomware works and how harmful it can be.
Ransomware is one of the deadliest types of computer malware: it takes your files hostage, just as the bad guys in movies kidnap someone and then demand a ransom for their return. Ransomware works very much like that, except this time it’s your system that is taken by faceless criminals.
Cryptolocker is a type of trojan ransomware released in 2013 that spread itself through email attachments. Once it’s downloaded, malicious code hidden in the attachment encrypts all user files, making them inaccessible.
The victim is then asked to pay a certain amount of ransom to get the decryption key. The demand can vary from a few hundred pounds up to a couple of grand, or be made in the form of cryptocurrency. In some cases a system restore might work; therefore, it is recommended to take a backup of files to stay protected.
CryptoLocker is just the tip of the iceberg; by now there are thousands of ransomware strains lurking on the internet waiting for users to fall for them.
ILOVEYOU: the sound of these words brings sweetness and warmth, doesn’t it? Indeed it does, but did you know this computer virus was one of the best-known and most malicious computer viruses of its time?
It’s been more than a decade since the ILOVEYOU computer virus was found wandering the internet. Today things are different, and stern security measures are in place.
But this doesn’t change the fact that we should learn from the past. ILOVEYOU was the most dangerous computer virus as it encouraged hackers to use the keyboard as a weapon.
But why is it considered that ruthless?
In early 2000 malware was a myth, which is why it could easily get away. But things have changed; now no one will fall for the tricks used by hackers at that time, like opening an email that has the subject line “I love you”.
Snoopy people were its most common victims, as they fall for such tricks easily. They don’t worry about the sender; they simply open the mail and compromise their system.
How was the malware downloaded?
The malware worm was downloaded by clicking on an attachment named ‘LOVE-LETTER-FOR-YOU.TXT.vbs’.
Once ILOVEYOU gets into the system, it overwrites system files and personal files and spreads itself all over the system.
Researchers found out about the virus and made people aware of it, but no one paid attention and many machines were compromised.
Not only this, ILOVEYOU was so popular that it got a place in the Guinness World Record as the most ‘virulent’ virus of all time.
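Two lures in this article rely on a misleading file name: the ILOVEYOU attachment ‘LOVE-LETTER-FOR-YOU.TXT.vbs’ and the Cyborg attachment that carries a .jpg extension but is an executable. The following added example (not from the article) is an attachment check a mail filter could apply to both cases; the extension lists and sample bytes are assumptions constructed for the demonstration.

```python
import os

# Assumed policy lists; a real filter would carry longer ones.
RISKY_EXT = {".vbs", ".exe", ".js", ".scr", ".bat", ".cmd"}
BENIGN_LOOKING = {".txt", ".jpg", ".jpeg", ".png", ".pdf", ".doc", ".docx"}
PE_EXT = {".exe", ".dll", ".scr"}
IMAGE_MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
}


def triage(filename, head):
    """Return findings for an attachment given its name and its first bytes."""
    findings = []
    stem, last = os.path.splitext(filename.strip().lower())
    inner = os.path.splitext(stem)[1]

    # Case 1: script or executable, optionally hidden behind a harmless-looking
    # inner extension. Windows hides known extensions by default, so the user
    # sees only "LOVE-LETTER-FOR-YOU.TXT".
    if last in RISKY_EXT:
        findings.append("executable-or-script-extension")
        if inner in BENIGN_LOOKING:
            findings.append("double-extension")

    # Case 2: content is a Windows executable (MZ header) but the name says otherwise.
    if head[:2] == b"MZ" and last not in PE_EXT:
        findings.append("pe-content-under-other-extension")

    # Case 3: name claims an image format whose signature is missing.
    magic = IMAGE_MAGIC.get(last)
    if magic and not head.startswith(magic):
        findings.append("image-extension-content-mismatch")
    return findings


# Constructed samples: (file name, first bytes of the attachment).
SAMPLES = [
    ("LOVE-LETTER-FOR-YOU.TXT.vbs", b"rem constructed sample\r\n"),
    ("update.jpg", b"MZ\x90\x00\x03\x00\x00\x00"),
    ("holiday.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    ("notes.txt", b"plain text"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, "->", triage(name, head) or "clean")
```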
MyDoom is another damaging virus that surfaced in 2004. This worm for Windows competed with ILOVEYOU and was a record holder among email-spreading worms.
Although the author is unknown, it is believed that the threat actor was paid for it. The name Mydoom explains the threat, and it was given by Craig Schmugar, a McAfee employee. Unlike other worms and computer viruses, Mydoom hit giants like SCO, Microsoft, and Google through Distributed Denial of Service attacks.
5. Storm Worm
Storm Worm was another vicious computer virus that made its appearance in 2006. It sent out an email with the subject line ‘230 dead as storm batters Europe’, targeting news fans. As soon as the user clicks on it, the problem starts.
Storm Worm was a Trojan horse that infected multiple machines and turned them into zombies known as bots. These bots are used to spread viruses by sending out huge amounts of spam mail.
Note: Never open an email received from an unknown person.
6. Sasser & Netsky
Sasser and Netsky are two worms created by 17-year-old Sven Jaschan. The two worms are grouped together because they are similar, which makes experts believe that both were written by the same person.
Sasser and Netsky both infect machines, but differently. The former spread infection by scanning random IP addresses and instructing them to download the virus, whereas the latter was a more viral and dangerous computer virus as it was an email-based worm.
Stuxnet is the scariest computer virus, spread by USB thumb drive and targeting control software. A malicious computer virus like Melissa, it can cause centrifuges to self-destruct.
So, this was all folks! This is the list of some of the most dangerous and latest computer viruses. Follow all the necessary web practices and preventions to stay safe and secure. And in case you find some loophole, make sure you report it to your service provider as soon as possible.