Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Cyber Monday offer: Dr.Web Security Space at 35% off

Doctor Web is announcing the start of its Cyber Monday antivirus offer. From November 11-17, 2024, get 2 years of Dr.Web Security Space’s comprehensive protection for 1 PC at 35% off!
11.11.2024 | Dr.Web products | Promos

Malicious apps on Google Play: how threat actors use the DNS protocol to covertly connect trojans to C&C servers

Many Android.FakeApp trojans are tasked with opening links to various sites, and from a technical point of view, such malware programs are quite primitive. When launched, they receive a command to load a specific web address. As a result, the users who have installed them see the contents of some unwanted site on their screens instead of the program or game they are expecting. However, sometimes notable samples can emerge among such fake applications: Android.FakeApp.1669, for example. It differs from most of the threats that are similar to it in that it uses a modified dnsjava library to get the configuration from a malicious DNS server that contains the target link. At the same time, such a configuration is sent to the trojan only when it is connected to the Internet via certain service providers—mobile Internet providers, for example. In other cases, the trojan does not manifest itself in any way.
11.11.2024 | Updates | Mobile threats | Real-time threat news

Updates made to corporate Dr.Web 13.0.1 products supporting remote administration and Dr.Web Industrial

Doctor Web has updated its corporate Dr.Web 13.0.1 products supporting remote administration as well as the secure automated production solution Dr.Web Industrial. The update introduces new features (including the changes requested by business users) and addresses known software issues.
14.10.2024 | Dr.Web products | Updates

Widgets and other innovations in the latest Dr.Web FixIt! release

Doctor Web has updated its remote system diagnostics and threat elimination service Dr.Web FixIt! to version 2.4. The latest release introduces a variety of information widgets to make the service easier for operators to use. Major changes have also been made to the solution's UI—now its design incorporates the latest look and feel, tweaks, and upgrades included into other Dr.Web products; these significantly boost the user experience. While maintaining the same set of analysis and threat neutralisation tools, version 2.4 boasts improved usability and additional customisation options.
09.10.2024 | Dr.Web products | Updates

Hidden cryptocurrency mining and theft campaign affected over 28,000 users

Virus analysts at Doctor Web have identified a large-scale campaign aimed at spreading cryptomining and cryptostealing malware by delivering trojans to victims' computers under the guise of office programs, game cheats, and online trading bots.
08.10.2024 | Dr.Web products | About viruses | Real-time threat news

Redis honeypot: server with vulnerable Redis database reveals new SkidMap modification used to hide cryptocurrency mining process

Doctor Web virus analysts have identified a new rootkit modification that installs the Skidmap mining trojan on compromised Linux machines. This rootkit is designed as a malicious kernel module that hides the miner’s activity by providing fake information about CPU usage and network activity. This attack appears to be indiscriminate, primarily targeting the enterprise sector—large servers and cloud environments—where mining efficiency can be maximized.
03.10.2024 | About viruses | Real-time threat news

Doctor Web’s Q3 2024 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web Security Space for mobile devices, Android.FakeApp trojan apps, used by threat actors in various fraudulent schemes, were the malicious programs most frequently detected on protected devices in the third quarter of 2024. Adware trojans from the Android.HiddenAds family ranked second. The third most commonly detected threats were Android.Siggen trojans—programs that have different malicious functionality and that are difficult to classify into any particular family.
01.10.2024 | Updates | About viruses | Mobile threats | Virus reviews

Doctor Web’s Q3 2024 virus activity review

According to the detection statistics collected by the Dr.Web antivirus, the total number of threats detected in the third quarter of 2024 was up 10.81% over the previous quarter. The number of unique threats decreased by 4.73%. The majority of detections were due to adware programs. Also widespread were malicious scripts, ad-displaying trojans, and trojans distributed within other malware to make the latter more difficult to detect. In email traffic, malicious scripts and programs that exploit vulnerabilities in Microsoft Office documents were most commonly detected.
01.10.2024 | About viruses | Virus reviews

Doctor Web resumed virus database updates after the attack on its infrastructure

Now that the dangerous situation involving the attack on Doctor Web's infrastructure has been resolved successfully, we're happy to bring you up to speed on the latest developments and present the security incident's complete timeline.
18.09.2024 | Dr.Web products | Real-time threat news | Corporate news

Doctor Web's resources attacked



On Saturday, September 14, Doctor Web specialists recorded a targeted attack on the company's resources. The attempt to harm our infrastructure was prevented in a timely manner, and no user whose system was protected by Dr.Web was affected.
17.09.2024 | Real-time threat news | Corporate news

Void captures over a million Android TV boxes

Doctor Web experts have uncovered yet another case of an Android-based TV box infection. The malware, dubbed Android.Vo1d, has infected nearly 1.3 million devices belonging to users in 197 countries. It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software.
12.09.2024 | Dr.Web products | About viruses | Real-time threat news

Doctor Web Antivirus Laboratory Chief spoke on the growing threat to Linux at the annual cybersecurity forum in China

Doctor Web took part in the annual cybersecurity summit and international antivirus conference in Tianjin, China. The second CSST (Cyber Security Summit in Tianjin) event was devoted to the theme "Jointly Building Cyber Security and Governing Cyberspace".
09.09.2024 | Corporate news

Gaining persistence in a compromised system using Yandex Browser. Failed spear phishing attack on Russian rail freight operator.

Social engineering is a highly effective fraud technique that is difficult to withstand. A skilled attacker knows how to find the right approach to intimidate or persuade a victim to perform an action. But what if an attack requires little communication effort, and a computer stops being a digital assistant and becomes an unwitting accomplice?
04.09.2024 | Dr.Web products | About viruses | Real-time threat news

License coverage changes for Dr.Web Security Space for desktops and laptops—effective September 1, 2024

Starting September 1, 2024, Dr.Web Security Space licenses for desktops and laptops will no longer provide additional protection for Android devices.
30.08.2024 | Dr.Web products

Promo "Back to school!" – Get a 30% discount on Dr.Web Security Space

In the run-up to the new school year, Doctor Web is launching a promo: from August 21 to September 3, 2024, you can get 30% off comprehensive anti-virus protection for 4 computers for 1 year.
21.08.2024 | Dr.Web products | Promos

Dr.Web products for mobile devices now officially support Android OS 14

Doctor Web has added official support for Android OS 14 to all the versions of its mobile device products: Dr.Web Mobile Security Suite, Dr.Web Security Space for mobile devices, and the subscription-based Dr.Web Antivirus.
13.08.2024 | Dr.Web products | Updates

Components in Dr.Web products for Windows updated

Following the update of its standalone Dr.Web antiviruses for Windows, Doctor Web is introducing similar upgrades for its products that support remote administration via the Control Center. This update boosts application performance and further enhances antivirus security in Dr.Web-protected systems.
18.07.2024 | Dr.Web products | Updates

Dr.Web Security Space for Android TV temporarily unavailable on Google Play

Doctor Web is notifying users that its antivirus app Dr.Web Security Space for Android is temporarily unavailable on Google Play for download to Android TV devices. The availability interruption is caused by changes to the app publishing format requirements introduced by Google for Android TV.
09.07.2024 | Dr.Web products

Do shoot the messenger: Telegram-controlled backdoor trojan targets Linux servers

Doctor Web virus analysts exposed a Linux version of the well-known TgRat trojan, which is used for targeted attacks on computers. One notable feature of this trojan is that it is controlled via a Telegram bot.
04.07.2024 | Dr.Web products | Real-time threat news

Doctor Web’s Q2 2024 review of virus activity on mobile devices

According to detection statistics collected by the Dr.Web for Android anti-virus, in the second quarter of 2024, Android.HiddenAds adware-displaying trojans were most commonly detected on protected devices.
01.07.2024 | Updates | About viruses | Mobile threats | Virus reviews

Doctor Web’s Q2 2024 virus activity review

According to the detection statistics collected by the Dr.Web anti-virus, in the second quarter of 2024, the most common threats were unwanted adware programs and adware trojans, and also malware that is distributed as part of other trojans and used to make the latter more difficult to detect.
01.07.2024 | Dr.Web products | About viruses | Virus reviews

Full Dr.Web product support period extended for one year

Doctor Web has extended full support for its latest Dr.Web product releases by one year—until June 30, 2025.
27.06.2024 | Dr.Web products

Major component update in Dr.Web for Windows

Doctor Web is updating a number of software components in Windows for Dr.Web Desktop Security Suite 12.0, Dr.Web Server Security Suite 12.0, and Dr.Web Security Space 12.0. The update improves the applications’ performance and the anti-virus protection quality as well as Dr.Web’s compatibility with the operating system and other software.
24.06.2024 | Dr.Web products | Updates

Doctor Web’s annual virus activity review for 2023

In 2023, Trojan.AutoIt trojan apps, created with the AutoIt scripting language, were once again among the most active threats. They are distributed as part of other malicious software to make the latter more difficult to detect. Trojan.BPlug ad-displaying trojans and various malicious scripts were also highly active. In email traffic, the most commonly detected threats were various malicious scripts and phishing documents. Furthermore, attackers actively distributed malicious programs that exploited vulnerabilities in Microsoft Office documents. Various trojans were also among the threats distributed via email.
13.05.2024 | About viruses | Virus reviews