Threat Category: Windows malware | Page 24

In its second month of compiling data, the new Kaspersky Security Network (KSN) technology revealed some significant changes amongst the most widespread malicious programs.

This article is the third in a series devoted to the evolution of viruses and anti-virus solutions

Greediest Trojan targeting payment systems, stealthiest malicious program, most common vulnerability on the Internet, most common Trojan family and others.

The latest Gpcode variant, which we wrote about here, is much less of a threat than its predecessors.

Cooperating with the Dutch police

The format of the ‘Virus Top Twenty’ reports from Kaspersky Lab has changed as of July 2008

Kaspersky Lab began performing in-depth analysis of the Rustock rootkit’s code on May 12.

Greediest Trojan targeting payment systems, stealthiest malicious program, most common Trojan family most common malicious program in email traffic and others.

Summer vacation is in full swing, which means changes in the statistics for malicious programs in mail traffic are relatively small.

This month a total of 3 malicious programs for non-Windows platforms appeared out of nowhere.

Greediest Trojan targeting payment systems, stealthiest malicious program, most common Trojan family most common malicious program in email traffic and others.

The May 2008 Email Top Twenty is a short one; this is explained by the well-known fact that virus writers take a break over the summer months.

The statistics produced by the online scanner in May 2008 are nothing short of revolutionary. Virtumonde.gen, which has been the unquestionable leader throughout 2008, has completely disappeared from view.

Most malicious program, most common Trojan family, greediest Trojan targeting banks, stealthiest malicious program and others.

At last, there’s been a change in the three malicious programs leading our Online Top Twenty. After two months in first place, the adware program Virtumonde has slipped to second, while the other two programs which kept it company at the top in February and March fell further down the rankings

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Windows malware

Monthly Malware Statistics for August 2008

Rootkit evolution

Malware Miscellany, July 2008

New Gpcode – mostly hot air

Taking down botnets

Monthly Malware Statistics for July 2008

Rustock and All That

Malware Miscellany, June 2008

Virus Top 20 for June 2008

Online Scanner Top Twenty for June 2008

Malware Miscellany, May 2008

Virus Top 20 for May 2008

Online Scanner Top Twenty for May 2008

Malware Miscellany, April 2008

Online Scanner Top Twenty for April 2008

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails