Threat Category: Potentially Unwanted Applications | Page 7

This is the second month that we are analyzing the data we collect from our on-line scanner. We can now make preliminary comparisons with our mail traffic statistics and analyze emerging trends.

We have decided to change the alert for Nyxem.e from red (severe risk) to green (informational).

Recently we’ve added detection for the stealth (rootkit) component of the XCP software to our bases as RiskWare.

Since we last reported on Nsag infectors, we’ve seen quite a lot of new malware related to Nsag.

A professional malware market started to emerge at the very end of 2003, gained ground during 2004, and was well established by the beginning of 2005.

Extended databases turn 2, while x-files date much further back

Kaspersky Lab presents an overview of malware and cyber threat evolution in the second quarter of 2005.

Virus.Win32.Nsag.a has been causing havoc across the globe for a couple of weeks now.

Protection mechanisms have gained in popularity

Kaspersky Lab presents an overview of malware evolution in the first quarter of 2005.

New threat or new jargon

Today we detected a new Email-Worm which downloads and install AdWare onto the infected computer: we named it Email-Worm.Win32.CWS.a.

More file infecting AdWare found in the wild

AdWare goes parasitic

First time in my life I see how different AdWares fight each other. A new 21KB Win32 executable first removes data files and registry keys which belongs to EliteBar AdWare.

Reports

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

Potentially Unwanted Applications

On-line Scanner Top Twenty February 2006

Nyxem.e status to green

Detection for XCP software

The Nsag infector story continues

Watershed in malicious code evolution

Two years since the introduction of the extended databases

Malware Evolution: April – June 2005

Smitfraud meets Nsag: return of the file infector

Protection mechanisms

Malware Evolution: January – March 2005

No such thing as spyware

CWS goes e-mail

The file infecting AdWare saga continues

AdWare crosses the line

Adware or adwars?

Reports

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

Subscribe to our weekly e-mails