Threat Category: Windows malware | Page 22

As in previous months, this malware rating is compiled from data generated by the Kaspersky Security Network (KSN). However, slightly different methods have been used to select and analyze the data.

In 2008, we wrote about Backdoor.Win32.Sinowal , a malicious program we believed to pose a serious threat, as it employed the most advanced, at the time, virus technologies.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout May 2009.

Recently we released a product especially for netbooks, so we’re performing compatibility tests on newly released netbooks in an ongoing way.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout April 2009.

We just described what happens on Kido controlled machines when the spambot Iksmas is installed and launched. However, Kido is also downloading a fake antivirus named SpywareProtect2009.

Last night the Kido (aka Conficker/ Downadup) botnet kicked into action – what everyone’s been on the lookout for since 1st April.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout March 2009.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout February 2009.

2007-2008 was the start of a new period characterized by a rapid increase in the number of Trojan programs designed to steal information, mostly related to bank accounts and online games.

Unlike our previous six-month and annual statistical reports, this report is completely based on data collected and processed using the Kaspersky Security Network (KSN).

There have been a lot of variants of Email-Worm.Win32.Iksmas around lately. Now that Valentine’s Day is over, we might have expected to see a few less of them, but no.

Two Top Twenties have been compiled from data generated by the Kaspersky Security Network (KSN) throughout January 2009.

Greediest malicious program targeting payment systems, stealthiest malicious program, most widespread malicious code which exploits a vulnerability, most malicious program and others.

Two Top Twenties have been compiled from data provided by the Kaspersky Security Network (KSN) throughout December 2008

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Windows malware

Monthly Malware Statistics: June 2009

Bootkit 2009

Monthly Malware Statistics: May 2009

Another infected device

Monthly Malware Statistics: April 2009

Bot-watching 2

The neverending story

Monthly Malware Statistics: March 2009

Monthly Malware Statistics: February 2009

Kaspersky Security Bulletin: Malware evolution 2008

Kaspersky Security Bulletin: Statistics 2008

We help you to survive this crisis!

Monthly Malware Statistics: January 2009

Malware Miscellany, December 2008

Monthly Malware Statistics: December 2008

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails