We had included Win32/Kuluoz and Win32/Cleaman in the June edition of the Microsoft Malicious Software Removal Tool (MSRT). In this blog post we will discuss Win32/Cleaman – a family that belongs to the category of “web redirector”. Win32/Cleaman is a multi-component trojan with the capability to redirect web search queries. It is usually distributed via […]
In our previous blog post our AVG Web Threats Research group analyzed a Blackhole exploit kit serving the fake FBI Ransomware. Today we will have a look at the ransomware itself. Payload Here is a typical ransom malware payload once it’s active on infected computer: User’s desktop is locked with a full-screen information displayed Task […]
Earlier today, while doing our daily data mining, we came across a new variant of ZeuS 2.x. It includes a new backdoor command called: win_unlock. Very interesting, turns out this slightly modified ZeuS 2.x includes a ransomware feature. When this particular variant is executed, it opens Internet Explorer with a specific page (lex.creativesandboxs.com/locker/lock.php) and prevents […]
Latest Comments