Threat Category: Web threats | Page 23

Yesterday we detected the onset of the latest mass hack attack – websites being hacked and links placed on them that lead to malicious servers.

Over the last couple of weeks, we’ve been seeing new modifications of the PDF exploits spread and managed by the El Fiesta toolkit.

Two virus rankings have been compiled as a result of Kaspersky Security Network (KSN) activity in September

In its second month of compiling data, the new Kaspersky Security Network (KSN) technology revealed some significant changes amongst the most widespread malicious programs.

Cooperating with the Dutch police

If you read the IT media, you may have seen reports about the new worm we detected yesterday – Net-Worm.Win32.Koobface. We’ve got four variants so far, and there may well be more to come.

The format of the ‘Virus Top Twenty’ reports from Kaspersky Lab has changed as of July 2008

Kaspersky Lab began performing in-depth analysis of the Rustock rootkit’s code on May 12.

The May 2008 Email Top Twenty is a short one; this is explained by the well-known fact that virus writers take a break over the summer months.

Instant messaging applications are viewed as ideal channels for committing various types of online fraud. Knowing about potential threats that spread via IM and how to combat them can help users avoid unpleasant surprises when communicating online

Over this past weekend VKontakte was targeted by a new network worm – Rovud. The first variant was detected early on May 16. The worm is simple in execution, but original nevertheless.

This article discusses zombie networks or botnets: how they are created, who uses them to make money on them and how this is done. Readers who are already familiar with the subject will find the information on the latest trends in botnet development of interest.

Last night, on the eve of April Fool’s Day, we started seeing a wave of new modifications of the notorious Zhelatin worm.

March 2008 proved to be somewhat atypical in terms of malicious code in mail traffic.

Amazingly, for the second month in a row, not only has the leader of our Top Twenty not changed but the three programs at the top of the ranking have remained the same.

Reports

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

Web threats

Big Chinese Hack 2?

Fiesta parties on

Monthly Malware Statistics for September 2008

Monthly Malware Statistics for August 2008

Taking down botnets

Double blow against 2.0

Monthly Malware Statistics for July 2008

Rustock and All That

Virus Top 20 for May 2008

“Instant” threats

Russian social networking website hit by worm

The botnet business

Don’t be an April Fool!

Virus Top 20 for March 2008

Online Scanner Top Twenty for March 2008

Reports

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

Subscribe to our weekly e-mails