FOR CUSTOMERS

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
News

News by topic

Virus alerts
The Anti-virus Times
News boxes
Press center

Hidden cryptocurrency mining and theft campaign affected over 28,000 users

Virus analysts at Doctor Web have identified a large-scale campaign aimed at spreading cryptomining and cryptostealing malware by delivering trojans to victims' computers under the guise of office programs, game cheats, and online trading bots.
08.10.2024 | About viruses

Redis honeypot: server with vulnerable Redis database reveals new SkidMap modification used to hide cryptocurrency mining process

Doctor Web virus analysts have identified a new rootkit modification that installs the Skidmap mining trojan on compromised Linux machines. This rootkit is designed as a malicious kernel module that hides the miner’s activity by providing fake information about CPU usage and network activity. This attack appears to be indiscriminate, primarily targeting the enterprise sector—large servers and cloud environments—where mining efficiency can be maximized.
03.10.2024 | About viruses

Doctor Web’s Q3 2024 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web Security Space for mobile devices, Android.FakeApp trojan apps, used by threat actors in various fraudulent schemes, were the malicious programs most frequently detected on protected devices in the third quarter of 2024. Adware trojans from the Android.HiddenAds family ranked second. The third most commonly detected threats were Android.Siggen trojans—programs that have different malicious functionality and that are difficult to classify into any particular family.
01.10.2024 | About viruses

Doctor Web’s Q3 2024 virus activity review

According to the detection statistics collected by the Dr.Web antivirus, the total number of threats detected in the third quarter of 2024 was up 10.81% over the previous quarter. The number of unique threats decreased by 4.73%. The majority of detections were due to adware programs. Also widespread were malicious scripts, ad-displaying trojans, and trojans distributed within other malware to make the latter more difficult to detect. In email traffic, malicious scripts and programs that exploit vulnerabilities in Microsoft Office documents were most commonly detected.
01.10.2024 | About viruses

Void captures over a million Android TV boxes

Doctor Web experts have uncovered yet another case of an Android-based TV box infection. The malware, dubbed Android.Vo1d, has infected nearly 1.3 million devices belonging to users in 197 countries. It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software.
12.09.2024 | About viruses

Gaining persistence in a compromised system using Yandex Browser. Failed spear phishing attack on Russian rail freight operator.

Social engineering is a highly effective fraud technique that is difficult to withstand. A skilled attacker knows how to find the right approach to intimidate or persuade a victim to perform an action. But what if an attack requires little communication effort, and a computer stops being a digital assistant and becomes an unwitting accomplice?
04.09.2024 | About viruses

Doctor Web’s Q2 2024 review of virus activity on mobile devices

According to detection statistics collected by the Dr.Web for Android anti-virus, in the second quarter of 2024, Android.HiddenAds adware-displaying trojans were most commonly detected on protected devices.
01.07.2024 | About viruses

Doctor Web’s Q2 2024 virus activity review

According to the detection statistics collected by the Dr.Web anti-virus, in the second quarter of 2024, the most common threats were unwanted adware programs and adware trojans, and also malware that is distributed as part of other trojans and used to make the latter more difficult to detect.
01.07.2024 | About viruses

Doctor Web’s annual virus activity review for 2023

In 2023, Trojan.AutoIt trojan apps, created with the AutoIt scripting language, were once again among the most active threats. They are distributed as part of other malicious software to make the latter more difficult to detect. Trojan.BPlug ad-displaying trojans and various malicious scripts were also highly active. In email traffic, the most commonly detected threats were various malicious scripts and phishing documents. Furthermore, attackers actively distributed malicious programs that exploited vulnerabilities in Microsoft Office documents. Various trojans were also among the threats distributed via email.
13.05.2024 | About viruses

Doctor Web’s review of virus activity on mobile devices in 2023

In 2023, ad-displaying trojans were the most common Android threats. Compared with the year prior, spyware trojans were less active and ranked second in terms of the number of times they were detected on devices protected with the Dr.Web anti-virus.
17.04.2024 | About viruses

Doctor Web’s February 2024 review of virus activity on mobile devices

According to detection statistics collected by the Dr.Web for Android anti-virus, February 2024 saw a significant increase in Android.HiddenAds trojan family activity―it was up 73.26% from January. At the same time, users were 58.85% less likely to encounter the adware trojan family Android.MobiDash.
01.04.2024 | About viruses

Doctor Web’s February 2024 virus activity review

An analysis of Dr.Web anti-virus detection statistics for February 2024 revealed a 1.26% increase in the total number of threats detected, compared to January. At the same time, the number of unique threats decreased by 0.78%. Once again various ad-displaying trojans and unwanted adware programs occupied the leading positions in terms of the number of detections. Moreover, malicious apps that are distributed with other threats to make them more difficult to detect remained highly active. In email traffic, malicious scripts, phishing documents, and programs that exploit vulnerabilities in Microsoft Office software were most commonly detected.
01.04.2024 | About viruses

Doctor Web’s January 2024 review of virus activity on mobile devices

According to detection statistics collected by the Dr.Web for Android anti-virus, in January 2024, users were most likely to encounter Android.HiddenAds trojan applications; these were detected on protected devices 54.45% more often than in December 2023. At the same time, the activity of another adware trojan family, Android.MobiDash, remained virtually unchanged, increasing by only 0.90%.
29.03.2024 | About viruses

Doctor Web’s January 2024 virus activity review

An analysis of Dr.Web anti-virus detection statistics for January 2024 revealed a 95.66% increase in the total number of threats detected, compared to December 2023. At the same time, the number of unique threats increased by 2.15%. Unwanted adware software and adware trojans were most frequently detected as were malicious programs distributed with other threats to make the latter more difficult to detect. In mail traffic, malicious scripts and phishing documents were most commonly observed.
29.03.2024 | About viruses

Study of a targeted attack on a Russian enterprise in the mechanical-engineering sector

In October 2023, Doctor Web was contacted by a Russian mechanical-engineering enterprise that suspected malware was on one of its computers. Our specialists investigated this incident and determined that the affected company had encountered a targeted attack. During this attack, malicious actors had sent phishing emails with an attachment containing the malicious program responsible for the initial system infection and installing other malicious instruments in the system.
11.03.2024 | About viruses

Doctor Web’s December 2023 review of virus activity on mobile devices

According to detection statistics collected by the Dr.Web for Android anti-virus, in December 2023, adware trojans from the Android.HiddenAds family were again the most active malicious programs. However, users encountered them 53.89% less often, compared to the previous month. In addition, the number of banking malware and spyware trojan attacks also decreased—by 0.88% and 10.83%, respectively.
30.01.2024 | About viruses

Doctor Web’s December 2023 virus activity review

An analysis of Dr.Web anti-virus detection statistics for December 2023 revealed a 40.87% increase in the total number of threats detected, compared to November. The number of unique threats also increased by 24.55%. Once again, most commonly detected were adware trojans and unwanted adware programs as well as malicious programs that are distributed with other threats to make them more difficult to detect. In email traffic, phishing documents of various formats were most frequently found.
30.01.2024 | About viruses

Doctor Web’s November 2023 virus activity review

An analysis of Dr.Web anti-virus November detection statistics revealed an 18.09% decrease in the total number of threats detected, compared to October. At the same time, the number of unique threats also decreased by 13.79%. Among the most commonly detected threats were unwanted adware programs, adware trojans, and malicious apps that are distributed along with other threats to make the latter more difficult to detect. Email traffic was dominated by phishing documents. Also commonly encountered were malicious scripts, programs that exploit vulnerabilities in Microsoft Office documents, and various downloaders that download other malware onto target computers.
21.12.2023 | About viruses

Doctor Web’s November 2023 review of virus activity on mobile devices

According to the detection statistics collected by Dr.Web for Android, in November 2023, users were less likely to encounter adware trojans from the Android.HiddenAds and Android.MobiDash families. The activity of the former decreased by a quarter (25.03%) and the latter—by more than a third (35.87%). Moreover, banking trojans and malicious spyware apps were detected less often—by 3.53% and 17.10%, respectively.
21.12.2023 | About viruses

Doctor Web’s October 2023 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web for Android, in October 2023, adware trojans from the Android.HiddenAds family were most often detected. Their activity increased by 46.16%, compared to the previous month. The second most widespread adware trojans, which belong to the Android.MobiDash family, also increased in number—by 7.07%. In addition, users encountered spyware trojans and banking malware more often—by 18.27% and 10.73%, respectively.
22.11.2023 | About viruses

Doctor Web’s October 2023 virus activity review

An analysis of Dr.Web October detection statistics revealed a 49.73% decrease in the total number of threats detected, compared to September. At the same time, the number of unique threats increased by 12.50%. As before, adware trojans and unwanted adware programs were detected most often. In email traffic, malicious scripts, phishing documents, and apps that exploit vulnerabilities in Microsoft Office documents dominated once again.
17.11.2023 | About viruses

Doctor Web’s September 2023 review of virus activity on mobile devices

In early September, Doctor Web published a study of Android.Pandora.2, a backdoor that creates a botnet of infected devices and can carry out DDoS attacks at the command of threat actors. In the middle of the month, our specialists informed users about malicious programs from the Android.Spy.Lydia family. These multi-functional spyware trojans target Iranian users. Members of this family are camouflaged as a financial platform for online trading; they can perform various malicious actions at the command of attackers. This includes intercepting and sending SMS, collecting information about user phonebook contacts, hijacking clipboard contents, loading phishing websites, and so on. The Android.Spy.Lydia trojans can be used in a variety of fraudulent schemes and to steal personal data. Moreover, with their help, threat actors can steal their victims’ money.
26.10.2023 | About viruses

Doctor Web’s September 2023 virus activity review

An analysis of Dr.Web September detection statistics revealed a 0.44% decrease in the total number of threats detected, compared to August. The number of unique threats also decreased— by 11.98%. Adware trojans and adware programs again were among the most popular threats. In email traffic, malicious scripts, phishing documents, and software that exploit vulnerabilities in Microsoft Office documents were detected most often.
26.10.2023 | About viruses

Doctor Web’s August 2023 virus activity review

An analysis of Dr.Web August detection statistics revealed a 4.05% increase in the total number of threats detected, compared to July. The number of unique threats increased by 3.35%. Most often, users encountered adware software. In email traffic, malicious scripts, phishing documents, and programs that exploit vulnerabilities in Microsoft Office documents were most prevalent.
27.09.2023 | About viruses

Doctor Web’s August 2023 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web for Android, in August 2023, adware trojans from the Android.MobiDash and Android.HiddenAds families were again among the most widespread Android malware. At the same time, the former were detected 72.23% more often, while the activity of the latter decreased by 8.87%, compared to the previous month.
27.09.2023 | About viruses