15 'Virus' in 2020 that internet users in India must be careful

 15 'Virus' in 2020 that internet users in India must be careful

This is mostly a ransomware, malware and banking trojans aimed at stealing money or sensitive information from individuals and organizations. Some of the Android smartphone targets while others spread through office networks. Here are 15 warnings of this virus from Cert-in that organization and individuals need to be careful ...

Polok Ransomware targets government and health organizations

Cert-in reported "prolock" on August 2020. This is the successor to the Pwndlocker Ransomware strain that appears at the end of 2019. Ransomware affects the organizations of various sectors including government, financial, retail and health care organizations.

'Backdoor Virus' based OS Linux called Doki

Cert-in reports about backdoor-based Linux OS named "Doki" in August. spread. The attackers exploited boom cloud computing infrastructure which is usually based on Linux architecture to attack Linux systems and servers. The attackers targeted a publicly accessible server docker held with popular cloud platforms, including AWS, Azure, and Allbaba. According to the certificate, this attack is very dangerous because the facts of the attackers use container escape techniques to gain full control over the victim's infrastructure.

Blackrock Malware Targets Android Smartphones

Cert-in reported about Blackrock Malware in July. It is equipped with data stealing, and attacking various Android applications. "It can steal credential information and credit cards from 300+ targeted applications such as e-mail clients, e-commerce applications, virtual currencies, message delivery / social media, entertainment, banking applications, financial applications etc.," he said.

Clop Ransomware stole sensitive data and leaked it on the dark web

According to the certificate, "Clop" is active in attacker organizations / institutions throughout the world. Posting compromise Ransomware leaks information if the deal of negotiation negotiations fails. Leakproof information includes data backup, financial records, thousands of emails and vouchers etc.

Thiefrquest Ransomware Install Keylogger and Spy on Victims

This ransomware does not only encrypt files on the system but also install keyloggers, remote shells and steal files related to the cryptocurrency wallet from infected hosts. Even after the ransom has been paid by the victim, the attacker continues to have access to the computer and can issue the file and emphasis button. So, the attackers can impose the victim.

Conti Ransomware attacks the company's network and is operated by humans

Conti Ransomware infects at the stage and violates the company's network and spreads laterally to acquire domain administration rights to deploy Ransomware. Conti is a human-operated ransomware designed to be controlled directly by the operator than being executed automatically by itself, according to the certificate.

Wastedlocker Ransomware Targets Media, IT and Other Manufacturing Industry

Wastedlocker Ransomware is associated with the famous cybercriminal clothing "Evil Corp." which was previously related to some terrible cyber attacks too. According to certification, the attack mainly focuses on A.S. Organizations located various industries including manufacturing, media, IT, health care, and more.

Thanos is a ransomware-as-a-service tool that offers special services

The new Ransomware-As-A-Service (Raas) tool, called "Thanos" provides buyers and affiliate customization tools to build unique charges. This Ransomware family employs riplace tactics used to cut the security of the endpoint of anti-ransomware, according to certification.

Lucifer Malware targets Windows machines with Crypto-Jacking and DDoS attacks

"Lucifer" targets a Windows system with Crypto-Jacking and DDoS attacks. Reports show that this malware uses a complete list of critical vulnerabilities that are not seen, according to the certificate.


"Tycoon" targets Windows and Linux OS and is involved in a highly targeted attack campaign that targets small and medium software and the education industry. As identified, malware is deployed in targeted attacks on organizations where the system administrator is locked from their system after the attack on the domain controller and file server, according to the certificate.

Snatch Ransomware Processing Brute Forcing Remote Desktop Protocol (RDP) Account

"Snatch" interferes into the target organization network through a Brute Forcing Remote Desktop Protocol account (RDP). 

Victorygate botnet mines cryptocurrency causes the device to the heat

VictoryGate botnets using all available utas to do cryptocurrency mining produces a 90-99% CPU load so that it slows the infected device and causes too hot that can even damage it. Also, when the USB drive is connected to an infected machine, the file is copied in a hidden directory with a malicious code, according to the certificate.

EventBot Malware Read OTPS on Android Phones

EventBot is a mobile banking Trojan and Infousaler that abuses Android internal accessibility features to steal user data from financial applications, read the user's SMS message and an SMS message interception that allows malware to cut authentication two factors, according to the certificate.

Maze Ransomware targets the shortcomings in Adobe Flash Player and Windows

Maze Ransomware is often sent via email or exploit kits such as Fallout and Spelevo. Kit Fallout and Spelevo Exploit utilize the shortcomings in Adobe Flash Player and Microsoft Windows (CVE-2018-8174, CVE-2018-15982, and CVE-2018-4878). In addition, the Ransomware labyrinth uses remote Desktop Protocol (RDP) and evil ads as the attack vector, according to the certificate.

Kinsing malware affects the docker container to mine cryptocurrency

"Kinsing" was reported that hunting for labor-affected labor openly and infected them with a container who runs Crypto miners, according to the certificate.