Threat Category: Potentially Unwanted Applications | Page 7

StopBadware.org positions itself as ‘a “Neighbourhood Watch” campaign aimed at fighting badware.’

This is the second month that we are analyzing the data we collect from our on-line scanner. We can now make preliminary comparisons with our mail traffic statistics and analyze emerging trends.

We have decided to change the alert for Nyxem.e from red (severe risk) to green (informational).

Recently we’ve added detection for the stealth (rootkit) component of the XCP software to our bases as RiskWare.

Since we last reported on Nsag infectors, we’ve seen quite a lot of new malware related to Nsag.

A professional malware market started to emerge at the very end of 2003, gained ground during 2004, and was well established by the beginning of 2005.

Extended databases turn 2, while x-files date much further back

Kaspersky Lab presents an overview of malware and cyber threat evolution in the second quarter of 2005.

Virus.Win32.Nsag.a has been causing havoc across the globe for a couple of weeks now.

Protection mechanisms have gained in popularity

Kaspersky Lab presents an overview of malware evolution in the first quarter of 2005.

New threat or new jargon

Today we detected a new Email-Worm which downloads and install AdWare onto the infected computer: we named it Email-Worm.Win32.CWS.a.

More file infecting AdWare found in the wild

AdWare goes parasitic

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Potentially Unwanted Applications

Named & shamed!

On-line Scanner Top Twenty February 2006

Nyxem.e status to green

Detection for XCP software

The Nsag infector story continues

Watershed in malicious code evolution

Two years since the introduction of the extended databases

Malware Evolution: April – June 2005

Smitfraud meets Nsag: return of the file infector

Protection mechanisms

Malware Evolution: January – March 2005

No such thing as spyware

CWS goes e-mail

The file infecting AdWare saga continues

AdWare crosses the line

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails