Browse the HowToFix encyclopedia of threats.

Click any title to read information of the threat. If you can’t find what you are looking for, try using the search bar below to find a specific threat.

Emotet uses parked domains to distribute payloads

Domain owners often park them and use the services of special providers to monetize domains through ad networks while they are not used for their intended purpose. Recently, cybersecurity experts found out that attackers, for example, Emotet malware operators, use parked domains. up a parking...

Trojan Emotet Returns in Spam Attacks Dropping TrickBot, Qbot

After 2 quiet weeks, Trojan Emotet has ramped up its servers, downloading TrickBot and Qbot payloads. Cybercriminals behind the botnet upgraded the downloader stage by adding clean Microsoft files to packages, possibly to thwart detection by machine learning solutions. A large Emotet spamming...

New service checks email addresses for infection with Emotet

Bleeping Computer reported that Italian company TG Soft has launched a new Have I Been Emotet service (similar to the well-known Have I Been Pwned), which checks if a specific domain or email address was used as a sender or recipient in Emotet spam campaigns. Soft specialists say that their...

Information security specialists secretly vaccinated companies...

This spring, we talked in detail about the Cryptolaemus enthusiast group. It became known that specialists from Cryptolaemus for six months have been secretly vaccinating companies around the world from Emotet. includes more than 20 cybersecurity specialists from all over the world, who in 2018...

Microsoft experts told how Emotet turned off the city network in...

Microsoft experts said that during one of the malicious campaigns, Emotet malware turned off the computer network of “one of the organizations.” Information security experts believe that this is a city in Pennsylvania. to Microsoft, the malfunction was caused by an increase in the maximum load on...

TrickBot uses hacked systems for brute force attacks on RDP

Bitdefender experts have discovered a new module for the well-known banking Trojan TrickBot, which uses hacked systems to launch brute force attacks on RDP against Windows systems. module was noticed by experts at the end of January this year, it is called rdpScanDll. According to experts, the...