Threat Category: Web threats | Page 24

Over the last couple of weeks, we’ve been seeing new modifications of the PDF exploits spread and managed by the El Fiesta toolkit.

Two virus rankings have been compiled as a result of Kaspersky Security Network (KSN) activity in September

In its second month of compiling data, the new Kaspersky Security Network (KSN) technology revealed some significant changes amongst the most widespread malicious programs.

Cooperating with the Dutch police

If you read the IT media, you may have seen reports about the new worm we detected yesterday – Net-Worm.Win32.Koobface. We’ve got four variants so far, and there may well be more to come.

The format of the ‘Virus Top Twenty’ reports from Kaspersky Lab has changed as of July 2008

Kaspersky Lab began performing in-depth analysis of the Rustock rootkit’s code on May 12.

The May 2008 Email Top Twenty is a short one; this is explained by the well-known fact that virus writers take a break over the summer months.

Instant messaging applications are viewed as ideal channels for committing various types of online fraud. Knowing about potential threats that spread via IM and how to combat them can help users avoid unpleasant surprises when communicating online

Over this past weekend VKontakte was targeted by a new network worm – Rovud. The first variant was detected early on May 16. The worm is simple in execution, but original nevertheless.

This article discusses zombie networks or botnets: how they are created, who uses them to make money on them and how this is done. Readers who are already familiar with the subject will find the information on the latest trends in botnet development of interest.

Last night, on the eve of April Fool’s Day, we started seeing a wave of new modifications of the notorious Zhelatin worm.

March 2008 proved to be somewhat atypical in terms of malicious code in mail traffic.

Amazingly, for the second month in a row, not only has the leader of our Top Twenty not changed but the three programs at the top of the ranking have remained the same.

It’s been some time since we’ve seen an adware program at the top of our online rankings.

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Web threats

Fiesta parties on

Monthly Malware Statistics for September 2008

Monthly Malware Statistics for August 2008

Taking down botnets

Double blow against 2.0

Monthly Malware Statistics for July 2008

Rustock and All That

Virus Top 20 for May 2008

“Instant” threats

Russian social networking website hit by worm

The botnet business

Don’t be an April Fool!

Virus Top 20 for March 2008

Online Scanner Top Twenty for March 2008

Online Scanner Top Twenty for February 2008

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails