Threat Category: Windows malware | Page 22

In its second month of compiling data, the new Kaspersky Security Network (KSN) technology revealed some significant changes amongst the most widespread malicious programs.

This article is the third in a series devoted to the evolution of viruses and anti-virus solutions

Greediest Trojan targeting payment systems, stealthiest malicious program, most common vulnerability on the Internet, most common Trojan family and others.

The latest Gpcode variant, which we wrote about here, is much less of a threat than its predecessors.

Cooperating with the Dutch police

The format of the ‘Virus Top Twenty’ reports from Kaspersky Lab has changed as of July 2008

Kaspersky Lab began performing in-depth analysis of the Rustock rootkit’s code on May 12.

Greediest Trojan targeting payment systems, stealthiest malicious program, most common Trojan family most common malicious program in email traffic and others.

Summer vacation is in full swing, which means changes in the statistics for malicious programs in mail traffic are relatively small.

This month a total of 3 malicious programs for non-Windows platforms appeared out of nowhere.

Greediest Trojan targeting payment systems, stealthiest malicious program, most common Trojan family most common malicious program in email traffic and others.

The May 2008 Email Top Twenty is a short one; this is explained by the well-known fact that virus writers take a break over the summer months.

The statistics produced by the online scanner in May 2008 are nothing short of revolutionary. Virtumonde.gen, which has been the unquestionable leader throughout 2008, has completely disappeared from view.

Most malicious program, most common Trojan family, greediest Trojan targeting banks, stealthiest malicious program and others.

At last, there’s been a change in the three malicious programs leading our Online Top Twenty. After two months in first place, the adware program Virtumonde has slipped to second, while the other two programs which kept it company at the top in February and March fell further down the rankings

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Windows malware

Monthly Malware Statistics for August 2008

Rootkit evolution

Malware Miscellany, July 2008

New Gpcode – mostly hot air

Taking down botnets

Monthly Malware Statistics for July 2008

Rustock and All That

Malware Miscellany, June 2008

Virus Top 20 for June 2008

Online Scanner Top Twenty for June 2008

Malware Miscellany, May 2008

Virus Top 20 for May 2008

Online Scanner Top Twenty for May 2008

Malware Miscellany, April 2008

Online Scanner Top Twenty for April 2008

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails