MailGuard Blog

A computer virus that seeks out and destroys antivirus software; that’s AVCrypt, a new ransomware variant discovered on Friday.

The AVCrypt malware is designed to locate and delete PC antivirus software Windows Defender and Malwarebytes and then install ransomware onto an infected computer. By eliminating the computer’s antivirus programs before beginning the ransomware attack, AVCrypt effectively removes the local security protection that most PCs rely on to prevent such attacks, making this a very dangerous new malware strain.

Cybercriminals are starting to behave like corporations and it’s not that surprising, considering cybercrime is a multi-billion dollar industry.

Hackers producing malware like trojans, ransomware and spyware don’t usually run solo scams anymore; they set up an online shopfront and lease their products to anybody who wants to use them.

On Wednesday this week, MailGuard CEO Craig McDonald published a thought provoking post on the blog dealing with cybercrime attacks against senior management and business owners.

In his article Craig writes:

"Brad (not his real name) is the founder and CEO of a major logistics company. The story he told me is astonishing, but unfortunately, it is also true. It started at 6:25 pm on a Friday. Brad sat down at his computer and clicked open his email inbox.

You may have heard of the ‘dark web’ but to most of us it’s just a sinister sounding name. For the world of organised crime though, the dark web is a one-stop robbing shop. It’s a place where crooks can buy ready-made software for extortion, fraud, and intelligence gathering.

On Tuesday morning (24^th Oct) a new ransomware attack started appearing in Russia and surrounding regions. Dubbed ‘Bad Rabbit’, this malware seems to be targeted at corporate networks and is disguised as a fake Adobe Flash Installer.

It’s almost a week since we learned about the worldwide cyber attack known as WannaCry, a ransomware cryptoworm outbreak. 

Security specialists around the world are still trying to track down the entry point of the WannaCry ransomware outbreak.

A global ransomware attack has been described as the biggest in history, shutting down hospitals and causing havoc for companies around the world.

 Australians have been warned to avoid clicking a malicious email purporting to be from ASIC.

It’s lunchtime, but Stephen is behind after the holiday break. He grabs a sandwich, returns to his desk, has a quick browse of Facebook and checks his personal email before getting back to his to-do list.

 Poor grammar lets down a large-scale hoax Australia Post email that aims to install ransomware by stealth.

 A new version of a phishing email impersonating energy giant AGL, and containing dangerous ransomware, is again hitting Australian inboxes.

 Spear-phishing and ransomware are the most common cyber techniques used to exploit Australians, a new cybercrime threat report has revealed.

In a new email scam breaking early Monday, the same cybercrime network behind the recent AGL attacks appear to have moved their focus to Australia Post. The email claims that a package was unable to be delivered because nobody was home, and asks recipients to click a link.

A new spin on an old malware scam that we haven’t seen for a while has begun circulating. In what may be the precursor to a larger run, scammers are now revisiting the use of invoice attachments to engage their target.