Threat Category: Windows malware | Page 35

The dangers of using public computers

Multiple approaches used in the spam runs

Amount of malicious programs continues to grow

Why rename Santy?

Detailed analysis shows that it exploits bad coding

We have just received two very similar Cabir variants, purportedly from the author. This person claims that he/she has the source code and can make new worms instead of only Cabir variants.

In last four hours, we’ve detected three new variants of Email-Worm.Win32.Atak.

It’s actually a new variant of Atak – Email-Worm.Win32.Atak.h. Some variants of this family are similar to some of the Mydoom worms.

Vxer host returns

Vxer resource unavailable

Is 29A falling to pieces?

A brief overview of the evolution of malicious code in October 2004.

More from the AVAR 2004 conference in Tokyo

A clean computer gets infected very quickly

Why are viruses given the names that they have?

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Windows malware

What is public isn’t safe

Different spam runs for same malware

Danger of infection increasing year by year

Santy updates – worm renamed

Update on Santy.e

New Cabir variant

More on Atak

Update on new worm

Virus writing resource back

Web host for virus writers closed

Benny, Ratter questioned

Malware Evolution: October Roundup

Japan – high technology, high security

How much malicious code is really out there?

More on malware classification

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails