Threat Category: Windows malware | Page 25

In place of the traditional and somewhat dull domination of the rankings by old email worms, in December we encountered the explosive propagation of a new generation of programs.

A look at the December statistics makes it possible for us to draw some preliminary conclusions about the malware landscape in 2007.

Yesterday I was taking a look at a new backdoor with MSN-Worm functionality, Backdoor.Win32.VB.bsf. This backdoor is specifically designed to steal (bank related) passwords and to spy on the user

Although the malicious programs leading November’s 2007 Email Top Twenty have changed, the data once again highlights the absence of any serious epidemics in mail traffic

In November, our online statistics returned to their usual state of flux: there are 11 new malicious programs in the Top Twenty, a new leader and it’s very unclear what the future may hold

Over the last couple of days I’ve been looking at some of the latest tricks used by the creators of some adware – Virtumonde a.k.a Vundo.

Greediest Trojan targeting payment systems, stealthiest malicious program, most common malicious program in mail traffic, most common Trojan family and others.

Our online virus scanner’s October rankings are a bit unusual. What makes them stand out from previous months is a stability that we have not seen before.

If this month’s Top Twenty had been prepared using data from the first 26 days of October, two important malware related events would have been missing

This half-year report examines changes in malware compared with to the second half of 2006.

Greediest Trojan targeting payment systems, stealthiest malicious program, most common malicious program in mail traffic, most common Trojan family and others.

Netsky.q is once again in first place. This worm has finally achieved notoriety as the most widespread malicious program in the history of the Internet.

September’s Online Top Twenty was a little unusual in terms of the movement of the entries.

Pinch is a true omnivore – it grabs just about everything it can from the victim machine: the Windows license number, system information, a list of programs installed, as well as ICQ, email and FTP passwords.

The middle of the month means it’s time for our miscellany, so let’s take a look at what the final month of summer brought us.

Reports

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Windows malware

Virus Top 20 for December 2007

Online Scanner Top Twenty for December 2007

Calling the hyve

Virus Top 20 for November 2007

Online Scanner Top Twenty for November 2007

Virtumonde/Vundo goes file infector

Malware Miscellany, October 2007

Online Scanner Top Twenty for October 2007

Virus Top 20 for October 2007

Malware evolution: January – July 2007

Malware Miscellany, September 2007

Virus Top Twenty for September 2007

Online Scanner Top Twenty for September 2007

Pinch pinched

Malware Miscellany, August 2007

Reports

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

Mem3nt0 mori – The Hacking Team is back!

Mysterious Elephant: a growing threat

Sleep with one eye open: how Librarian Ghouls steal data by night

Subscribe to our weekly e-mails