FOR CUSTOMERS

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
News

News by topic

Virus alerts
The Anti-virus Times
News boxes
Press center

Phishing emails with RAT malware threaten corporate users

In November 2020 Doctor Web virus analysts detected a phishing attack targeting corporate users. The emails in question contained trojan malware that covertly install and launch Remote Utilities software — a tool for remotely accessing another computer.
11.12.2020 | Real-time threat news

Eye care Android app found to contain a trojan

Doctor Web’s malware analysts have discovered a trojan built into an app designed to protect Android users’ vision. While working as intended, it also performs malicious actions such as opening web links and displaying websites on top of other app windows.
01.12.2020 | Real-time threat news

Study of the ShadowPad APT backdoor and its relation to PlugX

27.10.2020 | Real-time threat news

Study of the APT attacks on state institutions in Kazakhstan and Kyrgyzstan

20.07.2020 | Real-time threat news

Fraudsters spread a mobile trojan disguised as a Valorant game

Doctor Web specialists have uncovered a fraudulent campaign targeting mobile device owners. Cybercriminals are publishing misleading videos on YouTube, promoting a mobile version of a new Valorant game and prompting unsuspecting users to install it on their mobile devices. But in reality, a trojan is being installed instead of the real game. This trojan helps malware creators get rewards from various online affiliate programs.
28.05.2020 | Real-time threat news

Cybercriminals spread dangerous backdoor as Google Chrome update

Doctor Web virus analysts report that certain websites, from online news blogs to corporate pages created using WordPress CMS, have been compromised. The JavaScript script embedded in the hacked pages code redirects visitors to a phishing site where they are prompted to install an important security update for the Chrome browser. The downloadable file is a malware installer that allows attackers to remotely access and control the infected computers. Over 2000 people have downloaded the fake update so far.
25.03.2020 | Real-time threat news

Android.Circle.1 adware trojan found on Google Play is capable of executing BeanShell scripts

24.03.2020 | Real-time threat news

Cybercriminals have launched a phishing campaign on Instagram to steal money and obtain personal data

Doctor Web warns: cybercriminals have launched a large-scale phishing campaign under the guise of nonexistent presidential decree No. 1122B dated February 11, 2020 offering a one-off payment to all Russian citizens. Information is distributed throughout Instagram and supported by fake photos and videos based on news releases from federal television channels. Attackers use phishing websites to collect users’ bank card information and also require prepayment for registering the application to receive a lump-sum payment.
17.02.2020 | Real-time threat news

Cybercriminals use CNET website to spread the infected VSDC installer

Doctor Web virus analysts report that VSDC video editor’s download link has been compromised on popular software platform CNET. Instead of the genuine program, visitors receive a modified installer bundled with malicious software, allowing cybercriminals to access the infected computers remotely. According to SimilarWeb statistics, monthly visits to CNET’s Downloads section is around 90 million users.
06.02.2020 | Real-time threat news

Dangerous trojan spreads via copied website of Russia’s Federal Bailiffs Service

Doctor Web virus lab specialists have detected a malicious copy of the website of Russian Federal Bailiffs Service (FSSP). Cybercriminals use this fake website to infect users with Trojan.DownLoader28.58809.
04.10.2019 | Real-time threat news

Doctor Web: Clicker Trojan Installed from Google Play by Some 102,000,000 Android Users

Clicker trojans are widespread malicious programs, designed to increase website visit rates and earn money on online traffic. They simulate user actions on web pages by clicking on links and other interactive elements. Doctor Web virus analysts have detected another such trojan on Google Play.
08.08.2019 | Real-time threat news

Doctor Web: A dangerous Android backdoor distributed via Google Play

Doctor Web has identified a new backdoor trojan on Google Play that executes cybercriminal commands, allowing the criminals to remotely control the infected Android devices and spy on users.
12.07.2019 | Real-time threat news

New Node.js trojan threatens gamers

Researchers at Doctor Web’s virus laboratory have studied a new type of downloader trojan. The malware is written in JavaScript and uses Node.js to launch itself within a system. The malicious software is distributed through websites with cheats for popular video games and received the name Trojan.MonsterInstall.
19.06.2019 | Real-time threat news

Doctor Web: Android users threatened by fraudulent push notifications

Doctor Web experts discovered the Android.FakeApp.174 trojan that uses Google Chrome to load questionable websites that subscribe users to advertising notifications. Notifications pop up even if the browser is closed and may be mistaken for system notifications. Not only do they bother users of Android devices, but may also lead to losing money and confidential information.
14.06.2019 | Real-time threat news

A new threat for the macOS system spreads disguised as WhatsApp

Doctor Web’s researchers have found unique malware for the macOS operating system. It allows attackers to download and execute malicious python code on the victim’s device. Additionally, websites that spread the malware also infect their visitors with a Windows spyware trojan.
14.05.2019 | Real-time threat news

Doctor Web: Trojan Android.InfectionAds exploits critical vulnerabilities of Android to infect and install other software

Doctor Web virus analysts have investigated the Android.InfectionAds.1 trojan, which exploits several vulnerabilities in the Android OS. It uses them to infect software, as well as install and uninstall applications independently from the user. Another purpose of Android.InfectionAds.1 is to display ads.
12.04.2019 | Real-time threat news

The official website of a popular video editing software was infected with a banking trojan

Doctor Web researchers discovered that the official website of a well-known video editing software, VSDC, was compromised. The hackers hijacked download links on the website causing visitors to download a dangerous banking trojan, Win32.Bolik.2, and the Trojan.PWS.Stealer (KPOT stealer) along with the editing software.
11.04.2019 | Real-time threat news

The international companies official newsletters are used to steal money from bank accounts

Doctor Web warns: hackers use newsletter subscription forms to spread links to a phishing website on behalf of famous international companies. Emails sent from official addresses seem trustworthy both to the receiver and spam-filters, increasing the number of potential victims.
08.04.2019 | Real-time threat news

Hundreds of millions of UC Browser users for Android are threatened

Doctor Web malware analysts have detected a hidden ability within the popular UC Browser to download and run questionable code on mobile devices. The application is capable of downloading auxiliary software modules, bypassing Google Play servers. This violates Google Inc.’s rules and poses a serious threat because it enables any code, including malicious ones, to be downloaded to Android devices.
26.03.2019 | Real-time threat news

Doctor Web: Android banker Flexnet uses computer games to steal money from users

21.03.2019 | Real-time threat news

Study of the Belonard Trojan, exploiting zero-day vulnerabilities in Counter-Strike 1.6

11.03.2019 | Real-time threat news

Doctor Web’s experts reveal a Trojan exploiting zero-day vulnerabilities of the official Counter Strike client

Doctor Web’s lab has investigated the Trojan.Belonard malware that exploited the vulnerabilities of the Counter-Strike 1.6 game client to infiltrate users’ computers. Once installed, the Trojan replaced the game files and the list of available game servers.
11.03.2019 | Real-time threat news

Doctor Web warns: Cybercriminals spread Android Trojans via Instagram

Doctor Web's experts detect more and more Trojans of the Android.HiddenAds family, displaying obnoxious ads, on Google Play. Since the beginning of February, about 40 new modifications of such malicious apps have been found and downloaded by some 10,000,000 users. Some of these Trojans have been spread via Instagram and YouTube. Thanks to advertising in popular social media and online services with a huge audience, the number of potential victims who can install dangerous software is significantly increasing.
19.02.2019 | Real-time threat news

Doctor Web has detected malicious activity in a cryptocurrency monitoring tool

Downloader Trojans are used to upload another malware to a victim’s device. Trojan.DownLoad4.11892 is no exception. When installed it downloads malicious software to steal private data from cryptocurrency holders.
22.01.2019 | Real-time threat news

Brazilian users’ mobile devices attacked by a banking Trojan

Doctor Web virus analysts have detected the Android.BankBot.495.origin Trojan attacking Brazilian financial institution customers on Google Play. This Trojan uses Android’s special features (Accessibility Service). It uses them to control infected mobile devices and steal their owners’ confidential data.
06.12.2018 | Real-time threat news