Analysis

English

Calendar Discussions Polls

RSS feeds Subscriptions Contacts

Log in

Search

The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service.

Internet threat level: 1

Follow us on

Home→Analysis

All threats

Global Research & Analysis Team (GReAT), Kaspersky Lab

2013

Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec

What we
detect

Spam and
phishing

Vulnerabilities
and hackers

Internal
threats

Article type:

Internal Threats Reports [6] Kaspersky Security Bulletin [40] Malware Evolution Monthly [9] Monthly Malware Statistics [157] Monthly Spam Reports [57] Quarterly Malware Reports [23] Quarterly Spam Reports [17] User Advice [1]

Tags:

Botnets [18] Duqu [4] Flame [2] Flashfake [1] Gauss [2] Instant Messengers [7] Internet Banking [8] Madi [1] Malware Miscellany [1] Mobile Malware [28] Proactive Protection [2] Ransomware [7] Security technology [2] Social Networks [5] Stuxnet [3] Wardriving [12] Wi-Fi [11] Wiper [1] ZeuS [1]

show all tags

Apr 11 2013

Winnti. More than just a game

The study shed light on the activities of a group that has persistently targeted online gaming companies for several years.

Jan 17 2013

“Red October”. Detailed Malware Description 1. First Stage of Attack

Based on the analysis of known cases, we identified two main ways through which Backdoor.Win32.Sputnik infects the victims

Jan 17 2013

“Red October”. Detailed Malware Description 2. Second Stage of Attack

Most of the tasks are provided as one-time PE DLL libraries that are received from the server, executed in memory and then immediately discarded

Jan 17 2013

“Red October”. Detailed Malware Description 3. Second Stage of Attack

The packer disrupts basic software breakpoints and some api hooking techniques, because it decrypts the original exe’s section contents onto heaps in-memory

Jan 17 2013

“Red October”. Detailed Malware Description 4. Second Stage of Attack

Files with the extension ".bak" are treated differently. They are decrypted using a custom AMPRNG algorithm with a hardcoded key, then decompressed using LZMA

Jan 17 2013

“Red October”. Detailed Malware Description 5. Second Stage of Attack

In the Device notification callback function, the module logs each connection and disconnection event. When a device is connected, it starts a new thread that manipulates this device

Oct 15 2012

miniFlame aka SPE: "Elvis and his friends"

While analyzing the Flame malware that we detected in May 2012, Kaspersky Lab experts identified some distinguishing features of Flame’s modules.

Aug 09 2012

Gauss: Abnormal Distribution

While analyzing the Flame malware that we detected in May 2012, Kaspersky Lab experts identified some distinguishing features of Flame's modules.

May 11 2012

Monthly Malware Statistics: April 2012

280 million malicious programs were detected and neutralized

Apr 16 2012

Monthly Malware Review, March 2012

The investigation into the Duqu Trojan is into its sixth month, and March brought further progress as we were able to establish which language was used for its Framework code.

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.

kaspersky.com

securelist.com