Threat Category: Web threats | Page 28

Blogs now being used to download malware

MSN Messenger 7 released yesterday

Kaspersky Anti-Virus Web Scanner beta – killing malware directly from the web

Melissa, a pioneer email virus celebrates its sixth birthday

We have seen an increase in IM-Worms over the last couple of weeks.

Today we detected a new Email-Worm which downloads and install AdWare onto the infected computer: we named it Email-Worm.Win32.CWS.a.

We’ve received a new variant of Wootbot, an IRC Trojan. The file is detected as Backdoor.Win32.Wootbot.gen, but contains an additional function: it will penetrate machines with MySQL server installed.

New Net-Worm.Win32.DipNet.d seems to be the cause of high network traffic on port 11768

Several potentially dangerous WMV (video files) are currently floating around P2P networks. We are detecting them as Trojan-Downloader.WMA.Wimad.a and Trojan-Downloader.WMA.Wimad.b.

We have detected a new Santy variant which also targets vulnerabilties in older versions of php. This new variant is more advanced/dangerous in a number of ways.

Sourcecode posted on mailinglists and sites hosting exploits

Google has announced that it will block search requests from Santy in order to prevent the worm from spreading further. I don’t think that this is enough to solve the problem. The authour can always release new versions that use other search engines – MSN or Yahoo, for instance.

What is worse,…

New variant of Santy was found some hours ago. We detect it as Net-Worm.Perl.Santy.b.

phpBB 2.0.11 isn’t vulnerable

A worm that targets phpBB is on the loose

Reports

Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.

Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram.

Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook.

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

Web threats

Blogging bad for you?

MSN makes an attempt to stop IM-worms

Kaspersky Anti-Virus Web Scanner

The Melissa virus struck 6 years ago today

Isn’t she cute?

CWS goes e-mail

Malicious code spreading via MySQL server

New Net-Worm.Win32.DipNet.d

Compromised WMV files in P2P networks

New Santy also targets php vulnerabilities

Santy sourcecode publicly available

Preliminary evaluation of Santy outbreak

Santy.b was found “in the wild”

Update on Net-Worm.Perl.Santy.a and phpBB vulnerabitlity

Net-Worm.Perl.Santy.a outbreak

Reports

Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports

Tomiris wreaks Havoc: New tools and techniques of the APT group

ToddyCat: your hidden email assistant. Part 1

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

Subscribe to our weekly e-mails