Threat Category: Web threats | Page 23

Kido can be very painful to get rid of. That’s why we’ve decided to release a free tool which can be used to clean infected machines.

Drive-by downloads became increasingly common in 2008. With webmasters becoming more aware of security issues, the criminals out there are always looking for new techniques to ensure that their malware survives longer.

Two Top Twenties have been compiled from data provided by the Kaspersky Security Network (KSN) throughout December 2008

Two Top Twenties have been compiled from data provided by the Kaspersky Security Network in November 2008.

Yesterday we detected the onset of the latest mass hack attack – websites being hacked and links placed on them that lead to malicious servers.

Over the last couple of weeks, we’ve been seeing new modifications of the PDF exploits spread and managed by the El Fiesta toolkit.

Two virus rankings have been compiled as a result of Kaspersky Security Network (KSN) activity in September

In its second month of compiling data, the new Kaspersky Security Network (KSN) technology revealed some significant changes amongst the most widespread malicious programs.

Cooperating with the Dutch police

If you read the IT media, you may have seen reports about the new worm we detected yesterday – Net-Worm.Win32.Koobface. We’ve got four variants so far, and there may well be more to come.

The format of the ‘Virus Top Twenty’ reports from Kaspersky Lab has changed as of July 2008

Kaspersky Lab began performing in-depth analysis of the Rustock rootkit’s code on May 12.

The May 2008 Email Top Twenty is a short one; this is explained by the well-known fact that virus writers take a break over the summer months.

Instant messaging applications are viewed as ideal channels for committing various types of online fraud. Knowing about potential threats that spread via IM and how to combat them can help users avoid unpleasant surprises when communicating online

Over this past weekend VKontakte was targeted by a new network worm – Rovud. The first variant was detected early on May 16. The worm is simple in execution, but original nevertheless.

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Web threats

Kido, you ain’t kidding

The Google variable

Monthly Malware Statistics: December 2008

Monthly Malware Statistics: November 2008

Big Chinese Hack 2?

Fiesta parties on

Monthly Malware Statistics for September 2008

Monthly Malware Statistics for August 2008

Taking down botnets

Double blow against 2.0

Monthly Malware Statistics for July 2008

Rustock and All That

Virus Top 20 for May 2008

“Instant” threats

Russian social networking website hit by worm

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails