Threat Category: Windows malware | Page 35

Why are viruses given the names that they have?

We found some unusual backdoors in the past few weeks. They seem like standard variants of Agobot, Rbot and other bots controlled via IRC. However, they contain files that work like EPO viruses.

Yesterday was hot with two new Bagles let loose. The worms were mailed using spam methods in one of the largest mass mailings this year. I hope that the weekend will mean the outbreak will calm down.

The third Bagle we saw yesterday was almost identical to the first two, except for a mistake…

We detected a new variant of Zafi today, Zafi.c. The first two Zafi’s spread widely, so we plan to keep a close eye on how things go.

It’s now the end of October and we haven’t seen any serious email worm outbreaks for months.

When I sit down to think of…

Today’s threats spread further and faster than ever before. This makes updating your antivirus databases regularly essential.

The nature of threats encounted by PC users has changed significantly over the years. Today’s threats are more complex than ever before. So is it still worth using a traditional antivirus solution?

Email worms sent the virusology trend in early spring: Bagle, Mydoom and Netsky all spread as attachments to infected emails, and all used social engineering techniques in order to propagate.

Reports

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Windows malware

More on malware classification

Virus techniques being used in Trojans

Yesterday’s Bagles – how dangerous are they?

New Zafi, New cyberwar?

The end of the Age of Worms?

Antivirus updating – why it’s more important than ever before

Traditional antivirus solutions – are they effective against today’s threats?

Malware Evolution: May Roundup

Reports

Mysterious Elephant: a growing threat

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

Subscribe to our weekly e-mails