
Cyber Threat: Latest Computer Virus In 2019

There have been many cyber-attacks in the past decade. With the use of the latest techniques and
coding, hacking and cyber-threats have become much easier and more common.
As cyber-attacks have evolved, they have become more dangerous and threatening than ever before.
They can take any bit of information from the system if they need to.
But all we can do is sit and wait for it to happen. This is because we aren't aware of the current
computer viruses surfacing online. And we aren't even aware of the practices that we
should follow to stay safe and secure.
So, in this article, we will be talking about some of the most dangerous computer viruses and
also about the latest computer viruses in 2018, as well as the practices and preventive measures
that we need to follow before and after an attack.
Preventive Measures to Stay Secure From A Virus Attack
The obvious answer is that we should use an up-to-date anti-virus that is capable of detecting the
latest threats. In addition, using a data recovery wizard tool like EaseUS is also recommended. This
tool helps recover files deleted by the virus, an example of which was seen during the WannaCry
attack. People who were using EaseUS were able to recover files even when their system was attacked.
Hence we recommend using it along with anti-virus software.
Top Computer Virus Names in 2019
1. CryptoMix Clop Ransomware
2. B0r0nt0k Ransomware
3. Yatron Ransomware
4. Astaroth
5. GoBrut
6. Jokeroo
7. Gandcrab Ransomware
8. Trojan Glupteba
9. Kuik Adware
10. Magniber Ransomware
11. Thanatos Ransomware
12. Trojan Panda Banker / Zeus Panda

1. CryptoMix Clop Ransomware


This new variant of CryptoMix Clop ransomware targets a complete network instead of individual
machines. The new variant was discovered around the end of Feb 2019 and was found to carry
more email addresses than the older CryptoMix Clop variant.
Once executed, CryptoMix Clop starts terminating different Windows services and processes, which
disables the anti-virus running on the Windows machine. In addition, this ransomware encrypts the
victim's files and changes the extension to .Clop or .Clop. Once all this is done, a ransom
note informing the victim about the attack is displayed.
Currently, there is no means to decrypt the files encrypted by CryptoMix Clop for free.
2. B0r0nt0k Ransomware
Ransomware computer viruses are of different types but, as we all know, they are designed for monetary
purposes. Ransomware can spread via various methods such as malicious software, email attachments,
external storage devices, and others.
The latest strain of computer virus, known as B0r0nt0k ransomware, emerged on February 25th, 2019.
It encrypts files on a Linux server and adds the extension .rontok to the encrypted files. Although
B0r0nt0k cryptoransomware is designed for Linux systems and websites, it works like the computer
viruses designed for Windows. Apart from affecting data, this computer virus goes one step further, as
it makes changes to
• Startup settings

• Registry entries

• File or programs

To decrypt the files, the attacker demands 20 Bitcoin, to be paid within three days from the day of the
attack. If the victim fails to do so, the attacker deletes the data permanently. Moreover, this
cryptovirus is considered dangerous as it can disable security tools.
Prevention:
• Take regular data backup
• Apply latest security patch

• Use intrusion prevention services to block application exploits

3. Yatron Ransomware
The latest Ransomware-as-a-Service, called Yatron, is being promoted on Twitter these days. This
computer virus works like other ransomware and encrypts targeted files. It spreads to other computers
via the EternalBlue and DoublePulsar exploits. In addition, Yatron Ransomware tries to delete the
encrypted files if the victim fails to make payment within 72 hours.
Apart from exploiting these weaknesses, Yatron ransomware will try to spread through P2P
programs by copying the ransomware executable to their default folders.

Preventions:
• Always keep a backup of important files

• Avoid enabling macros in attachments received

• Do not download unsolicited attachments

• Use admin account only when necessary

4. Astaroth Trojan:
First seen in 2017, this latest computer virus has already targeted over 8000 systems. It is being
used in spam campaigns across Europe and Brazil. This computer trojan spreads through .7zip file
attachments and malicious links. Astaroth Trojan targets antivirus tools to steal usernames and
passwords.
Preventions:
• Use 2-FA to add extra layer of security to your machine

• Keep your machine and security tools updated

• Run latest firewall and dedicated Internet security tool

5. GoBrut:
GoBrut, the latest computer virus, is not technically sophisticated but can slow down the Internet and
cause damage to thousands of computers. This computer virus is Golang-based and uses brute force to
spread itself on Windows and Linux machines.
This malware can exploit a number of vulnerabilities; websites that still use weak
passwords are especially targeted. In addition, the StealthWorker malware is also capable of updating itself.

Preventions:
• Use strong and complicated passwords

• Use progressive delays

• Use a challenge-response test to prevent automated submissions
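The "progressive delays" measure above can be sketched as follows. This is an added example, not code from the original article; the class name, the doubling schedule, the three free attempts, the 900-second cap and the FakeClock helper are all assumptions chosen for illustration.

```python
import time


class ProgressiveDelay:
    """Per-key login throttle: each failure doubles the wait before the next try."""

    def __init__(self, base=1.0, cap=900.0, free_attempts=3, clock=time.monotonic):
        self.base, self.cap, self.free = base, cap, free_attempts
        self.clock = clock
        self.state = {}  # key -> (consecutive failures, time of last failure)

    def _delay(self, failures):
        if failures < self.free:
            return 0.0
        return min(self.cap, self.base * 2 ** (failures - self.free))

    def retry_after(self, key):
        """Seconds the caller must still wait; 0.0 means the attempt may proceed."""
        failures, last = self.state.get(key, (0, 0.0))
        return max(0.0, last + self._delay(failures) - self.clock())

    def record(self, key, success):
        """Call after the password check; a success clears the key's history."""
        if success:
            self.state.pop(key, None)
        else:
            failures, _ = self.state.get(key, (0, 0.0))
            self.state[key] = (failures + 1, self.clock())


class FakeClock:
    """Deterministic clock so the simulation below needs no real waiting."""
    now = 0.0

    def __call__(self):
        return self.now


def simulate(guesses, interval, throttle, clock, key="admin"):
    """Replay a constructed run of wrong guesses sent every `interval` seconds
    and return how many of them reached the password check."""
    checked = 0
    for _ in range(guesses):
        if throttle.retry_after(key) <= 0:
            checked += 1
            throttle.record(key, success=False)
        clock.now += interval
    return checked
```

The key here is the account name, so wrong guesses arriving from many different hosts still count against the same delay.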

6. Jokeroo:
This computer virus also works as Ransomware-as-a-Service and it is being promoted on Twitter via
underground hacking sites. This computer threat allows affiliates to gain access to functional
ransomware and a payment server. Jokeroo started promoting itself as a Gandcrab Ransomware on
Exploit.in.
Prevention:
• Practice safe browsing

• Update operating system and security applications

• Regular backup of files and other important data

7. Gandcrab Ransomware
It is one of the most famous computer viruses. Gandcrab is ransomware spread through
malvertisements, explicit websites, or spam emails, which lead the user to a Rig Exploit Kit page or
a GrandSoft EK page. Through these pages, Gandcrab makes an entry into users' systems and devices.
Once the ransomware is active on the system, it starts to gather the user's personal information such as
username, keyboard type, presence of antivirus, IP, OS version, current Windows version, etc.
Gandcrab makes its next move on the basis of the information collected. It then
kills all tasks and processes running on the system so that it can start encrypting the data and files
present on the system.
It then generates public and private keys on the user's system, which are forwarded to a C2 server
hosted on a .bit domain.
As soon as the key is delivered, it starts encrypting with the generated public key and
adds the '.GDCB' extension to all encrypted files. After this, it drops a file containing a ransom
message on the user's system, demanding payment in return for decryption of their data. The name of
the file with the ransom message is 'GDCB-DECRYPT.txt'.
Preventions
– Regular backup of important data and files.
– Update operating system and applications.
– In case of attack, try using ransomware decryption tools.
8. Trojan Glupteba
This is one of the worst computer viruses and has several variants with different functionalities.
This trojan reaches the system through a file dropped by other malware or by exploit kits. It activates as
a service and enables processes on the system while pretending to be legitimate software. Glupteba
communicates directly with IP addresses and ports to collect the user's information. It diverts traffic
and users towards various unknown domains such as ostdownload.xyz, travelsreview.wo,
rldbigdesign.website, sportpics.xyz, kinosport.top.

Preventions
– Enable web and email filters.
– Restrict macros in Microsoft Office products.
– Practice safe browsing.

9. Kuik Adware
This is one of the top computer viruses, a combination of malware and adware dubbed 'Kuik'. It
masquerades as a legitimate Adobe Flash Player update.
This dangerous computer virus comes with three modules: a legitimate Flash Player, a certificate
and an .exe file named 'upp.exe'.
Once the virus enters the system, it communicates with every established network interface and adds
the DNS 18.219.162.248.
After this, it starts collecting personal information and data from the user's system and forwards it to
the hosting domain 'kuikdelivery.com'. As soon as the information reaches the domain server, it
activates various other malicious tasks on the system, including Chrome extensions from unknown
sources, coin miners, etc.
Preventions
– Regular backup of important data and files.
– Enable authentic antivirus and anti-spyware.
– Restrict spam emails and attachments of the following file types:
exe|pif|tmp|url|vb|vbe|scr|reg|cer|pst|cmd|com|bat|dll|dat|hlp|hta|js|wsf.
10. Magniber Ransomware
This latest computer virus is mostly active in Asian countries. Magniber is spread through
malvertisements and infected websites that redirect the user to a Magnitude exploit kit page. It is the
oldest-serving malicious browser toolkit that is still in use to distribute the ransomware.
As soon as Magniber enters the system, it starts encrypting the data and files with a
unique key. Once they are encrypted, it adds the .dyaaghemy extension to all the encrypted files.
Preventions
– Regular backup of data and files.
– Update operating system and applications.
– Block the file extensions such as,
exe|pif|tmp|url|vb|vbe|scr|reg|cer|pst|cmd|com|bat|dll|dat|hlp|hta|js|wsf.
11. Thanatos Ransomware
This is a new computer virus named 'Thanatos', which is distributed through malvertisements, spam
emails with malicious attachments and file types, etc. It is very similar to the most famous computer
virus, the ILOVEYOU computer virus.
The most complicated part is decrypting the data that has been encrypted by this ransomware. This is
because it generates different keys every time for encryption and does not save these keys anywhere,
making the data difficult to recover.
After this, it drops a payload on the user's system in the form of an .exe file or .txt file, which is set
to auto-run and opens every time the system is restarted. This payload starts encrypting files and adds
the '.thanatos' extension to encrypted files. Soon, the user receives a ransom payment message on the system.
Preventions
– Disable macros and ActiveX when using MS Office products.
– Keep a regular backup of data and files.
– Update operating system and applications.
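The file-name markers mentioned in the family descriptions above (the appended extensions and the Gandcrab ransom note name) can be used to scope an incident on a file share. The following is an added example, not code from the original article; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

# Markers named in the family descriptions on this page, lower-cased.
EXTENSION_MARKERS = {
    ".clop": "CryptoMix Clop", ".rontok": "B0r0nt0k", ".gdcb": "Gandcrab",
    ".dyaaghemy": "Magniber", ".thanatos": "Thanatos",
}
RANSOM_NOTES = {"gdcb-decrypt.txt": "Gandcrab"}

def classify(filename):
    """Return the family a file name points to, or None if it has no marker."""
    name = filename.lower()
    if name in RANSOM_NOTES:
        return RANSOM_NOTES[name]
    # Only the final extension counts: "x.thanatos.bak" is not a hit.
    return EXTENSION_MARKERS.get(os.path.splitext(name)[1])

def triage(root):
    """Per family: hit count, affected directories, earliest mtime of a hit.
    The earliest mtime is a rough indicator of when encryption began."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            family = classify(fname)
            if family is None:
                continue
            mtime = os.stat(os.path.join(dirpath, fname)).st_mtime
            entry = report.setdefault(
                family, {"count": 0, "dirs": set(), "first_seen": mtime})
            entry["count"] += 1
            entry["dirs"].add(os.path.relpath(dirpath, root))
            entry["first_seen"] = min(entry["first_seen"], mtime)
    return report

def build_sample_tree(root):
    """Constructed sample: empty files with fixed mtimes, not real samples."""
    sample = {"docs/report.docx.GDCB": 1000, "docs/GDCB-DECRYPT.txt": 1200,
              "www/db.sql.rontok": 2000, "docs/notes.txt": 500,
              "www/archive.thanatos.bak": 700}
    for rel, mtime in sample.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
        os.utime(path, (mtime, mtime))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(triage(tmp))
```

The affected directories and the earliest timestamp help decide which shares to restore and which backup generation predates the incident.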
12. Trojan Panda Banker / Zeus Panda
This latest computer virus is nearly identical to the top computer virus, the Zeus banking trojan.
It is malware that uses the web to inject malware and to steal users' banking information and credentials.
It is mainly distributed through exploit kits, such as the Angler exploit kit, Nuclear exploit kit, and
Neutrino exploit kit.
Besides exploit kits, it is spread through social networking sites, spam emails, and adult sites
as well.
After getting installed on the system, it starts searching for information such as antivirus, spyware,
username, password, etc. This information is passed on to a C2 server. Once this is done, it starts to
steal banking credentials, transaction information, and other information as well.
Preventions
– Regular backup of important data and files.
– Update operating system and applications.
– Block attachments of file types,
exe|pif|tmp|url|vb|vbe|scr|reg|cer|pst|cmd|com|bat|dll|dat|hlp|hta|js|wsf.
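The attachment block list repeated in the Preventions sections for Kuik, Magniber and Panda Banker can be enforced with a check like the one below. This is an added example, not code from the original article; the function names and sample inputs are constructed, and the check goes beyond the text by also looking at the member names inside ZIP attachments.

```python
import io
import zipfile

# The block list from the Preventions sections above, split on "|".
BLOCKED = set(("exe|pif|tmp|url|vb|vbe|scr|reg|cer|pst|cmd|com|bat|"
               "dll|dat|hlp|hta|js|wsf").split("|"))


def blocked_extension(filename):
    """Return the blocked extension a file name ends in, or None."""
    # Drop any directory part, then trailing dots and spaces, which Windows
    # ignores: "update.exe. " is still opened as update.exe.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ").lower()
    if "." not in name:
        return None
    # Only the last extension decides, so "invoice.pdf.exe" is caught.
    ext = name.rsplit(".", 1)[1]
    return ext if ext in BLOCKED else None


def inspect_attachment(filename, data):
    """Return (verdict, reasons) for one attachment; ZIP members are checked too."""
    reasons = []
    ext = blocked_extension(filename)
    if ext:
        reasons.append(f"{filename}: blocked type .{ext}")
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.flag_bits & 0x1:  # bit 0 marks an encrypted member
                    reasons.append(f"{info.filename}: encrypted member, cannot scan")
                inner = blocked_extension(info.filename)
                if inner:
                    reasons.append(f"{info.filename}: blocked type .{inner} inside archive")
    return ("block" if reasons else "allow", reasons)


def make_zip(member_names):
    """Constructed sample input: an in-memory ZIP with harmless text members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in member_names:
            zf.writestr(name, "placeholder")
    return buf.getvalue()
```

Python's standard library has no 7z reader, so archives such as the .7zip attachments mentioned for Astaroth would need a separate parser.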
