
Apr 11 2013

Winnti. More than just a game

The study shed light on the activities of a group that has persistently targeted online gaming companies for several years.

Apr 11 2013

Winnti 1.0 technical analysis

The favorite tool of the attackers has been a malicious program we called "Winnti". It has evolved since its first use, but we divide all variants into two generations: 1.x and 2.x. Our publication describes the 1.0 variant of this tool.

Jun 19 2012

XPAJ: Reversing a Windows x64 Bootkit

The number of bootkits is steadily growing.

Dec 01 2011

Legit bootkits

Various proactive antivirus protection tools are capable of hooking system functions in one way or another. Malicious code also uses algorithms of this type.

Jun 27 2011

TDL4 – Top Bot

The malware detected by Kaspersky Anti-Virus as TDSS is the most sophisticated threat today.

Jan 25 2011


A new variant of the rootkit, TDL-4, which can infect both 32-bit and 64-bit operating systems, appeared sometime between July and August, 2010.

Aug 05 2010


The TDSS rootkit first appeared in 2008. Since then, it has become far more widespread than the notorious rootkit Rustock. The rootkit’s malicious payload and the difficulties it presents for analysis are effectively similar to those of the bootkit.

Feb 17 2010

Kaspersky Security Bulletin 2009. Malware Evolution 2009

2009 was the latest milestone both in the history of malware and in the history of cybercrime, with a marked change in direction in both areas. This year laid the foundation of what we will see in the future.

Jun 09 2009

Bootkit 2009

In 2008, we wrote about Backdoor.Win32.Sinowal, a malicious program we believed to pose a serious threat, as it employed the most advanced virus technologies of the time.

Mar 02 2009

Kaspersky Security Bulletin: Malware evolution 2008

2008 demonstrated that the era of epidemics was already history.

Dec 18 2008

Bootkit: the challenge of 2008

The term MalWare 2.0 is often used in our reports to denote a model for the complex malicious programs which appeared at the end of 2006. The most striking examples, and the initial members of MalWare 2.0, are the Bagle, Warezov and Zhelatin worms.

Sep 24 2008

Kaspersky Security Bulletin 2008: Malware Evolution January - June 2008

One of the most notable malicious programs during the first half of 2008 was, undoubtedly, the Storm worm (classified by Kaspersky Lab as Zhelatin). It remains in the vanguard of Malware 2.0.