Threat Category: Windows malware | Page 18

After a lengthy interlude, we’re renewing our monthly malware almanac by popular demand.

Kaspersky Lab presents its monthly malware statistics for September

Kaspersky Lab presents its monthly malware statistics for August

There’s been a lot of fuss in the media lately, with news from all the major antivirus companies being printed and reprinted. The source of all the fuss? Virus.Win32.Induc.a.

We recently added detection for a file infector to our databases, for something we call Virus.Win32.Induc.a. Since then, we’ve had a load of questions about it.

Malware (which we detect as Trojan-Banker.Win32.Banker.alwa and Trojan-Banker.Win32.Banker.alwe) was using Twitter as a control system to command infected machines.

Once again, there’s a new wave of Koobface. But this time, the tactics have changed. There’s a new twist to the social engineering, with links from infected messages leading to a very well designed Facebook lookalike page.

This malware rating is compiled from data generated by the Kaspersky Security Network (KSN)

In June, we saw an explosive rise in the number of Koobface modifications – the number of variants we detected jumped from 324 at the end of May to nearly 1000 by the end of June.

As in previous months, this malware rating is compiled from data generated by the Kaspersky Security Network (KSN). However, slightly different methods have been used to select and analyze the data.

In 2008, we wrote about Backdoor.Win32.Sinowal , a malicious program we believed to pose a serious threat, as it employed the most advanced, at the time, virus technologies.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout May 2009.

Recently we released a product especially for netbooks, so we’re performing compatibility tests on newly released netbooks in an ongoing way.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout April 2009.

We just described what happens on Kido controlled machines when the spambot Iksmas is installed and launched. However, Kido is also downloading a fake antivirus named SpywareProtect2009.

Reports

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools.

Windows malware

Malware Miscellany, September 2009

Monthly Malware Statistics: September 2009

Monthly Malware Statistics: August 2009

A short history of Induc

Induc, the innovative file infector

Not just Twitter, Jaiku too

New tricks for Koobface

Monthly Malware Statistics: July 2009

Koobface on the rise

Monthly Malware Statistics: June 2009

Bootkit 2009

Monthly Malware Statistics: May 2009

Another infected device

Monthly Malware Statistics: April 2009

Bot-watching 2

Reports

APT trends report Q3 2024

Beyond the Surface: the evolution and expansion of the SideWinder APT group

BlindEagle flying high in Latin America

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Subscribe to our weekly e-mails