Threat Category: Windows malware | Page 34

The first macro virus for Microsoft Office appeared seven years ago today. It was first named Macro.Office.Triplicate, later re-named into Virus.MSOffiice.Triplicate when it became apparent that Triplicate was the first of a wave of new malware.

Seven years later we rarely, if ever see new…

Kaspersky Lab first detected this variant in the summer of 2004

In the past two days, we’ve detected seven new versions of Bagle! The new variants range from Bagle.ax to Bagle.ba. Variants from Bagle.ba onwards are currently detected as Bagle.ba.

Read more about the new worms

There are new variants of Bagle circulating actively at the moment: Email-Worm.Win32.Bagle.ax and Email-Worm.Win32.Bagle.ay.

Reputable sites are hosting a trojaned version of a new DC++ build

New MS antispyware tool already targeted by hackers

The dangers of using public computers

Multiple approaches used in the spam runs

Amount of malicious programs continues to grow

Why rename Santy?

Detailed analysis shows that it exploits bad coding

We have just received two very similar Cabir variants, purportedly from the author. This person claims that he/she has the source code and can make new worms instead of only Cabir variants.

In last four hours, we’ve detected three new variants of Email-Worm.Win32.Atak.

It’s actually a new variant of Atak – Email-Worm.Win32.Atak.h. Some variants of this family are similar to some of the Mydoom worms.

Reports

Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram.

Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook.

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

Windows malware

The first macro virus for MS Office

A rose by any other name? Mydoom.bb?

And the Bagles keep on coming

Bagle.ax and Bagle.ay descriptions published

Email-Worm.Win32.Bagle.ax and Bagle.ay

Trojaned build of DC++ found in the wild

Trojans masquerade as Microsoft AntiSpyware

What is public isn’t safe

Different spam runs for same malware

Danger of infection increasing year by year

Santy updates – worm renamed

Update on Santy.e

New Cabir variant

More on Atak

Update on new worm

Reports

Tomiris wreaks Havoc: New tools and techniques of the APT group

ToddyCat: your hidden email assistant. Part 1

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

Mem3nt0 mori – The Hacking Team is back!

Subscribe to our weekly e-mails