Threat Category: Web threats | Page 25

It’s been some time since we’ve seen an adware program at the top of our online rankings.

This annual report provides an overview the evolution of malware, adware and potentially malicious programs in 2007, and compares this data to that of 2006.

Email is known to be one of the most popular infection vectors. This article specifically analyses malware which is distributed via email.

This paper presents a method to automatically separate and block those networks in real time. The method uses a statistical approach exploiting the fact that computers in a botnet have to have some similarities in their behavior.

In November, our online statistics returned to their usual state of flux: there are 11 new malicious programs in the Top Twenty, a new leader and it’s very unclear what the future may hold

HMRC [Her Majesty’s Revenue & Customs] has mislaid two disks containing personal data

If this month’s Top Twenty had been prepared using data from the first 26 days of October, two important malware related events would have been missing

Over the last couple of weeks we’ve been closely following the behaviour of a botnet with a C&C (command and control) center based on a popular web-based engine.

The growth only stopped early yesterday evening – around 5pm Moscow time – when the overall total number of zombies was about 14000!

Today we saw a sad, but typical picture: a small botnet with an approximately 8600 zombie machines suddenly exploded and began to grow very quickly.

Italian TV went so far as to warn viewers of the Trojan.Win32.Small.mi – both with a short item on the midday news, and by running a warning across their news ticker.

A few days ago the Inquirer published a interesting little article talking about how Google hadn’t returned the search results he wanted, but instead told him his computer might be infected with a malicious program.

H.R. 1525 is ongoing evolution to the original (I-SPY) Internet Spyware Protection Act of 2005. Specifically, the new bill is “to discourage spyware, and for other purposes”.

Kaspersky Lab presents the Online Scanner Top Twenty for December 2006

Are all antivirus created equal?

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Web threats

Online Scanner Top Twenty for February 2008

Kaspersky Security Bulletin 2007: Malware evolution in 2007

Kaspersky Security Bulletin 2007. Malware which spreads via email

Coordinated distributions method for tracking botnets sending out spam

Online Scanner Top Twenty for November 2007

UK child benefit data lost

Virus Top 20 for October 2007

Botnet losing ground

Botnet grinds to a halt

A look inside a botnet

Italy warns TV watchers of Small epidemic

GoogleBlock

New U.S. legislation

Online Scanner Top Twenty for December 2006

Are all antivirus created equal?

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails