Threat Category: Windows malware | Page 34

More from the AVAR 2004 conference in Tokyo

A clean computer gets infected very quickly

Why are viruses given the names that they have?

We found some unusual backdoors in the past few weeks. They seem like standard variants of Agobot, Rbot and other bots controlled via IRC. However, they contain files that work like EPO viruses.

Yesterday was hot with two new Bagles let loose. The worms were mailed using spam methods in one of the largest mass mailings this year. I hope that the weekend will mean the outbreak will calm down.

The third Bagle we saw yesterday was almost identical to the first two, except for a mistake…

We detected a new variant of Zafi today, Zafi.c. The first two Zafi’s spread widely, so we plan to keep a close eye on how things go.

It’s now the end of October and we haven’t seen any serious email worm outbreaks for months.

When I sit down to think of…

Today’s threats spread further and faster than ever before. This makes updating your antivirus databases regularly essential.

The nature of threats encounted by PC users has changed significantly over the years. Today’s threats are more complex than ever before. So is it still worth using a traditional antivirus solution?

Email worms sent the virusology trend in early spring: Bagle, Mydoom and Netsky all spread as attachments to infected emails, and all used social engineering techniques in order to propagate.

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Windows malware

Japan – high technology, high security

How much malicious code is really out there?

More on malware classification

Virus techniques being used in Trojans

Yesterday’s Bagles – how dangerous are they?

New Zafi, New cyberwar?

The end of the Age of Worms?

Antivirus updating – why it’s more important than ever before

Traditional antivirus solutions – are they effective against today’s threats?

Malware Evolution: May Roundup

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails