Threat Category: Web threats | Page 27

The Dutch police have arrested three men who are suspected to have set up a botnet of more than 100 000 computers worldwide.

Around the end of August we started to see the next logical step in the evolution of IM malware.

Social dynamics and shifting tactics from virus writers

MS hands out the $250.000 reward that lead to Jaschan’s arrest

Suspended sentence and community service for Sven Jaschan

The supposed author of the Sasser and Netsky worms goes on trial

Viruses and worms have evolved rapidly over the past few years and now pose a global threat. However, law enforcement agencies are also pooling their resources to gain a global reach.

We saw an interesting attack a few days ago (12 June) when an ongoing attempt to infect AIM users took place.

It’s two years to the day since the email worm Sobig.c caused a major epidemic.

Today we’ve been getting more and more reports of a particular Backdoor.Win32.SdBot variant spreading. This SdBot is packed using UPX, Upolyx and Morphine, we detect it using our generic signature as Backdoor.Win32.SdBot.gen.

In the last week or so, new trends in using IM (instant messaging) applications to spread malicious code have been on the rise.

Sober.q is sending out spam

Protection mechanisms have gained in popularity

Social engineering: an ongoing love story

Bagle threats evolve from email worm to a complex network of zombies; author milks for profit.

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Web threats

Maintainers of 100 000+ computer botnet arrested

AdWare or Worm?

Rise of the ‘business worm’?

Microsoft pays up

Verdict in Sasser trial

Sasser author goes on trial

Global problem, global solution

More attention for AIM

Sobig.c celebrates anniversary

Hybrid IM malware making rounds

IM malware diversifying

Sober.q has become active

Protection mechanisms

Social engineering: an ongoing love story

The Bagle botnet

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails