English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
All threats
2014 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec

Sep 26 2013

The Icefog APT: Frequently Asked Questions

Here are answers to the most frequently asked questions related to Icefog, an APT operation targeting entities in Japan and South Korea.

Apr 11 2013

Winnti. More than just a game

The study shed light on the activities of a group that has persistently targeted online gaming companies for several years.

Jan 17 2013

“Red October”. Detailed Malware Description 1. First Stage of Attack

Based on the analysis of known cases, we identified two main ways through which Backdoor.Win32.Sputnik infects the victims

Jan 17 2013

“Red October”. Detailed Malware Description 2. Second Stage of Attack

Most of the tasks are provided as one-time PE DLL libraries that are received from the server, executed in memory and then immediately discarded

Jan 17 2013

“Red October”. Detailed Malware Description 3. Second Stage of Attack

The packer disrupts basic software breakpoints and some api hooking techniques, because it decrypts the original exe’s section contents onto heaps in-memory

Jan 17 2013

“Red October”. Detailed Malware Description 4. Second Stage of Attack

Files with the extension ".bak" are treated differently. They are decrypted using a custom AMPRNG algorithm with a hardcoded key, then decompressed using LZMA

Jan 17 2013

“Red October”. Detailed Malware Description 5. Second Stage of Attack

In the Device notification callback function, the module logs each connection and disconnection event. When a device is connected, it starts a new thread that manipulates this device

Oct 15 2012

miniFlame aka SPE: "Elvis and his friends"

While analyzing the Flame malware that we detected in May 2012, Kaspersky Lab experts identified some distinguishing features of Flame’s modules.

Aug 09 2012

Gauss: Abnormal Distribution

While analyzing the Flame malware that we detected in May 2012, Kaspersky Lab experts identified some distinguishing features of Flame's modules.

May 11 2012

Monthly Malware Statistics: April 2012

280 million malicious programs were detected and neutralized

Apr 16 2012

Monthly Malware Review, March 2012

The investigation into the Duqu Trojan is into its sixth month, and March brought further progress as we were able to establish which language was used for its Framework code.