Threat Category: Windows malware | Page 20

Malware (which we detect as Trojan-Banker.Win32.Banker.alwa and Trojan-Banker.Win32.Banker.alwe) was using Twitter as a control system to command infected machines.

Once again, there’s a new wave of Koobface. But this time, the tactics have changed. There’s a new twist to the social engineering, with links from infected messages leading to a very well designed Facebook lookalike page.

This malware rating is compiled from data generated by the Kaspersky Security Network (KSN)

In June, we saw an explosive rise in the number of Koobface modifications – the number of variants we detected jumped from 324 at the end of May to nearly 1000 by the end of June.

As in previous months, this malware rating is compiled from data generated by the Kaspersky Security Network (KSN). However, slightly different methods have been used to select and analyze the data.

In 2008, we wrote about Backdoor.Win32.Sinowal , a malicious program we believed to pose a serious threat, as it employed the most advanced, at the time, virus technologies.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout May 2009.

Recently we released a product especially for netbooks, so we’re performing compatibility tests on newly released netbooks in an ongoing way.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout April 2009.

We just described what happens on Kido controlled machines when the spambot Iksmas is installed and launched. However, Kido is also downloading a fake antivirus named SpywareProtect2009.

Last night the Kido (aka Conficker/ Downadup) botnet kicked into action – what everyone’s been on the lookout for since 1st April.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout March 2009.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout February 2009.

2007-2008 was the start of a new period characterized by a rapid increase in the number of Trojan programs designed to steal information, mostly related to bank accounts and online games.

Unlike our previous six-month and annual statistical reports, this report is completely based on data collected and processed using the Kaspersky Security Network (KSN).

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Windows malware

Not just Twitter, Jaiku too

New tricks for Koobface

Monthly Malware Statistics: July 2009

Koobface on the rise

Monthly Malware Statistics: June 2009

Bootkit 2009

Monthly Malware Statistics: May 2009

Another infected device

Monthly Malware Statistics: April 2009

Bot-watching 2

The neverending story

Monthly Malware Statistics: March 2009

Monthly Malware Statistics: February 2009

Kaspersky Security Bulletin: Malware evolution 2008

Kaspersky Security Bulletin: Statistics 2008

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails