Windows malware

Recently, though, we saw a series of messages persistently sent to the same email address. Apparently, the attacker’s main goal was to infect that computer – all emails, no matter what their headers were, contained Email-Worm.Win32.NetSky.q.

Interestingly enough, it seems that a new variant of the Jumcar malware family has appeared and a lot of changes have been made to the original source code.

We have discovered a new Tor-based malware, named “ChewBacca” and detected as “Trojan.Win32.Fsysna.fej”. Adding Tor to malware is not unique to this sample, but it’s still a rare feature.

The more people switch to 64-bit platforms, the more 64-bit malware appears. We have been following this process for several years now.

Last week, Kaspersky Lab identified a mass mailing of phishing letters sent in the name of leading IT security providers.

Yesterday morning we received a sample from Cuba of a malware that looks for the audio and video file extensions after infecting a victim’s machine.

New trick from cybercriminals of Brazil – a suspicious message arrives to the user with a file attached. Inside the RTF file there is a well-known Brazilian Trojan banker belonging to the family Trojan.Win32.ChePro.

Proxy auto-config (PAC) files are a modern resource that exist on all modern browsers.

According to KSN data, Kaspersky Lab products detected and neutralized a total of 983 051 408 threats in the second quarter of 2013.

Recent months have produced little of interest among worms written in Java and script languages such as JavaScript and VBScript.

We know that the family of malware called Trojan.MSIL.Jumcar and Trojan.Win32.Jumcar was developed in Peru with the primary aim of attacking Peruvian users.

According to KSN data, Kaspersky Lab products detected and neutralized 1 345 570 352 threats in Q1 2013.

It has been three years since we published Lock, stock and two smoking Trojans in our blog. The article describes the first piece of malware designed to attack users of online banking software developed by a company called BIFIT.

Don’t believe your eyes but check if you still have your AV solution. Instead of fighting AV detections, cybercriminals from Brazil just replace them with their own fake solutions.

This section of the report forms part of the Kaspersky Security Bulletin 2012 and is based on data obtained and processed using Kaspersky Security Network (KSN).