Threat Category: Windows malware | Page 32

We have just received two very similar Cabir variants, purportedly from the author. This person claims that he/she has the source code and can make new worms instead of only Cabir variants.

In last four hours, we’ve detected three new variants of Email-Worm.Win32.Atak.

It’s actually a new variant of Atak – Email-Worm.Win32.Atak.h. Some variants of this family are similar to some of the Mydoom worms.

Vxer host returns

Vxer resource unavailable

Is 29A falling to pieces?

A brief overview of the evolution of malicious code in October 2004.

More from the AVAR 2004 conference in Tokyo

A clean computer gets infected very quickly

Why are viruses given the names that they have?

We found some unusual backdoors in the past few weeks. They seem like standard variants of Agobot, Rbot and other bots controlled via IRC. However, they contain files that work like EPO viruses.

Yesterday was hot with two new Bagles let loose. The worms were mailed using spam methods in one of the largest mass mailings this year. I hope that the weekend will mean the outbreak will calm down.

The third Bagle we saw yesterday was almost identical to the first two, except for a mistake…

We detected a new variant of Zafi today, Zafi.c. The first two Zafi’s spread widely, so we plan to keep a close eye on how things go.

It’s now the end of October and we haven’t seen any serious email worm outbreaks for months.

When I sit down to think of…

Today’s threats spread further and faster than ever before. This makes updating your antivirus databases regularly essential.

Reports

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools.

Windows malware

New Cabir variant

More on Atak

Update on new worm

Virus writing resource back

Web host for virus writers closed

Benny, Ratter questioned

Malware Evolution: October Roundup

Japan – high technology, high security

How much malicious code is really out there?

More on malware classification

Virus techniques being used in Trojans

Yesterday’s Bagles – how dangerous are they?

New Zafi, New cyberwar?

The end of the Age of Worms?

Antivirus updating – why it’s more important than ever before

Reports

APT trends report Q3 2024

Beyond the Surface: the evolution and expansion of the SideWinder APT group

BlindEagle flying high in Latin America

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Subscribe to our weekly e-mails