Threat Category: Web threats | Page 21

2009 was the latest milestone both in the history of malware and in the history of cybercrime, with a marked change in direction in both areas. This year laid the foundation of what we will see in the future.

Another day, another disaster, and once again, the bad guys are exploiting this subject to poison search results so that those looking for some news get lead to a page offering a rogue AV solution.

The first Top Twenty lists malicious programs, adware and potentially unwanted programs that were detected and neutralized when accessed for the first time, i.e. by the on-access scanner.

Today the UK Council on Child Internet Safety [UKCCIS] is launching its Child Internet Safety Strategy. The strategy is designed to encourage children not to disclose personal information, to block unwanted messages on social networks and to report inappropriate behaviour.

National Anti-Bullying Week is kicking off in the UK today. This year the focus is on combating cyberbullying, with lots of resources for schools, a roadshow, and videos discussing the problem of bullying.

In recent years, the Web has become the main distribution point for malware. Malicious programs are hosted on websites; users are then either tricked into running these programs manually, or exploits are used to execute the malware automatically on victim machines.

We’ve been looking at the infrastructure of the Gumblar malware and found some curious facts on how Gumblar operates which we would like to share to make hosting owners aware of the Gumblar threat.

Kaspersky Lab presents its monthly malware statistics for October. From this month onwards, the data used is gathered from all products which use the Kaspersky Security Network (KSN), i.e. products from both the 2009 and 2010 lines.

After a lengthy interlude, we’re renewing our monthly malware almanac by popular demand.

This article is a study of one spam email and illustrates the methods employed by today’s cyber criminals to create botnets and conduct mass spam mailings.

Kaspersky Lab presents its monthly malware statistics for September

Cybercriminals are unlikely to reinvent the wheel, so once you’ve encountered a scam or threat, and have learnt, you can use this information in the future. This article therefore focuses on some typical examples, and explains how you can protect yourself.

Late on Monday, a lot of Russian ICQ users got sent this message

Kaspersky Lab presents its monthly malware statistics for August

The URL which Koobface was spreading from has now been brought down so attacks are blocked.

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Web threats

Kaspersky Security Bulletin 2009. Malware Evolution 2009

Search poisoning, again

Monthly Malware Statistics: December 2009

Patching our children

Facebook isn’t always fun

Browsing malicious websites

The Gumblar system

Monthly Malware Statistics: October 2009

Malware Miscellany, September 2009

The Cash Factory

Monthly Malware Statistics: September 2009

Traps on the Internet

The what-bot

Monthly Malware Statistics: August 2009

Koobface update

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails