Threat Category: Windows malware | Page 19

As expected, we can confirm more compromised machines. Our current count looks as follows

Around October 20th we received mails from our office in Turkey about the “possible spread of a new virus”

After a lengthy interlude, we’re renewing our monthly malware almanac by popular demand.

Kaspersky Lab presents its monthly malware statistics for September

Kaspersky Lab presents its monthly malware statistics for August

There’s been a lot of fuss in the media lately, with news from all the major antivirus companies being printed and reprinted. The source of all the fuss? Virus.Win32.Induc.a.

We recently added detection for a file infector to our databases, for something we call Virus.Win32.Induc.a. Since then, we’ve had a load of questions about it.

Malware (which we detect as Trojan-Banker.Win32.Banker.alwa and Trojan-Banker.Win32.Banker.alwe) was using Twitter as a control system to command infected machines.

Once again, there’s a new wave of Koobface. But this time, the tactics have changed. There’s a new twist to the social engineering, with links from infected messages leading to a very well designed Facebook lookalike page.

This malware rating is compiled from data generated by the Kaspersky Security Network (KSN)

In June, we saw an explosive rise in the number of Koobface modifications – the number of variants we detected jumped from 324 at the end of May to nearly 1000 by the end of June.

As in previous months, this malware rating is compiled from data generated by the Kaspersky Security Network (KSN). However, slightly different methods have been used to select and analyze the data.

In 2008, we wrote about Backdoor.Win32.Sinowal , a malicious program we believed to pose a serious threat, as it employed the most advanced, at the time, virus technologies.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout May 2009.

Recently we released a product especially for netbooks, so we’re performing compatibility tests on newly released netbooks in an ongoing way.

Reports

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Windows malware

Gumblar update

The new gumblar

Malware Miscellany, September 2009

Monthly Malware Statistics: September 2009

Monthly Malware Statistics: August 2009

A short history of Induc

Induc, the innovative file infector

Not just Twitter, Jaiku too

New tricks for Koobface

Monthly Malware Statistics: July 2009

Koobface on the rise

Monthly Malware Statistics: June 2009

Bootkit 2009

Monthly Malware Statistics: May 2009

Another infected device

Reports

SideWinder targets the maritime and nuclear sectors with an updated toolset

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Subscribe to our weekly e-mails