Threat Category: Windows malware | Page 31

Net-Worm.Win32.Mytob.bi ?

Here in Russia we are getting letters from users who have been hit by Virus.Win32.JuNy.b.

As the previous post says, there have been a lot of new Bagle modifications in the last 24 hours. And they’re continuing.

During the last six hours or so we’ve seen another flurry of Bagle variants.

We’ve just released an urgent update for the fourth spammed Bagle. And just like before these Bagles don’t spread any further.

During the past few months Kaspersky Lab analysts have observed a surge in the number of rootkits detected. What has caused this growth and what risks do rootkits pose to users?

We’ve recently detected a third modification of Email-Worm.Win32.Monikey. Our interest was piqued by the fact that Monikey incorporates modifications of Trojan-PSW.Win32.Vipgsm and Trojan-PSW.Win32.LdPinch.

We’ve decided to rename Net-Worm.Win32.Small.d to Net-Worm.Win32.Bozori.a. Infection reports are coming mostly from the USA, with some high-profile targets being hit.

We’ve received numerous reports on a new worm spreading via the PnP vulnerability. We detect it as Net-Worm.Win32.Small.d.

A quick update: over the last twenty four hours, we had eleven new Bagle variants, from Bagle.bz to Bagle.cj.

Today we’ve detected several new Bagle variants (actually old variants which have been repacked) and they are still coming in.

A few days ago we got another Trojan-Dropper. When we analyzed it, we found out that it installs 4 files to the system.

A professional malware market started to emerge at the very end of 2003, gained ground during 2004, and was well established by the beginning of 2005.

Over 2 years have gone by since we’ve seen a true virus in the wild. Most of us here had decided that they might actually be dead. And yet…

On July 13 we received the first sample of Tenga – a true blue virus. Tenga.a was followed by Tenga.b and finally Tenga.c, which arrive just…

Viruses and worms have evolved rapidly over the past few years and now pose a global threat. However, law enforcement agencies are also pooling their resources to gain a global reach.

Reports

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Windows malware

Quake IV released

New file-encryptor on the loose in Russia

And even more Bagles

More Bagles…

New series of Bagles being spammed

Rootkits and how to combat them

Monikey or: the continuing evolution of Bagle

60 seconds before shutdown – again

New PnP worm spreading

And the Bagles just keep on coming

Bagle’s author back at work

Downloader + file virus – a new approach?

Watershed in malicious code evolution

Classical viruses ITW – never say die

Global problem, global solution

Reports

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

Mem3nt0 mori – The Hacking Team is back!

Mysterious Elephant: a growing threat

Sleep with one eye open: how Librarian Ghouls steal data by night

Subscribe to our weekly e-mails