All news

Why is this better than a free one-month trial? The reason is simple: you're getting a 2-month license that does include technical support.

According to detection statistics collected by Dr.Web Security Space for mobile devices, adware trojans from various families remained the most common malware. Members of the Android.HiddenAds trojan family were again the most active, despite the fact that users encountered them 8.62% less often. These were followed by Android.MobiDash adware trojans; the number of attacks involving them increased by 11.17%. Android.FakeApp malicious programs, used in various fraudulent schemes, ranked third; they were detected on protected devices 25.17% less frequently.

According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the second quarter of 2025 decreased by 7.38%, compared to the first quarter. At the same time, the number of unique threats decreased by 23.10%. Unwanted adware apps, backdoors, ad-displaying trojans, and malicious scripts were among the threats most commonly detected on protected devices. In email traffic, most frequently detected were trojan downloaders, various malicious scripts, and trojan droppers.

Doctor Web is updating its interactive file analysis sandbox Dr.Web vxCube. The changes will apply to both the cloud-based and on-premise versions.

Full support has been extended for a number of Dr.Web products in accordance with Doctor Web’s lifecycle policy.

An antivirus security company Doctor Web continues its steady expansion overseas as it gains a foothold on the booming Indonesian market.

Doctor Web’s experts have discovered Android.Spy.1292.origin, spyware whose main target is Russian military personnel. The attackers hide this trojan inside modified Alpine Quest mapping software and distribute it in various ways, including through one of the Russian Android app catalogs. Among other things, the malware sends the attackers phonebook contact information and the infected device’s geolocation. Moreover, this spyware collects data about the files stored on the devices and, when commanded by threat actors, can download additional modules possessing the functionality needed to steal the files.

Users of Dr.Web Enterprise Security Suite (ESS) are strongly recommended to promptly upgrade the product to version 13. Switching to the new version will provide you with full protection and regular updates for the antivirus components.

On April 15, 2025, a special promo is starting for users who have purchased Dr.Web Security Space licenses before September 1, 2024. Renew your license and receive a unique promo code that will allow you to purchase Dr.Web Security Space for mobile devices at 50% off.

Doctor Web is starting a new promo campaign that runs through December 31, 2025: purchase Dr.Web Security Space for mobile devices and Dr.Web Family Security—the app that will help you keep your children and other family members safe in the digital world—and get 10% off!

Every year, cryptocurrencies become more and more common as a payment method. According to the data for 2023, in developed countries about 20% of the population has at some time used such a means of payment, and in developing countries, where the banking sector does not meet the needs of the population, the number of cryptocurrency users is even higher. In cryptocurrency adoption rankings, Russia is among the top ten countries in terms of number of users. Anonymity, fast transactions, global accessibility and low transfer fees are the main advantages that attract ordinary users. Fraudsters, on the other hand, appreciate the irreversibility of the transactions, the lack of regulation, and the lack of user knowledge due to the relative novelty of the technology, which allows them to implement a variety of illicit enrichment schemes.

Version 2.0 is the latest release of Dr.Web Katana.

Modern IT infrastructures increasingly rely on container technologies, including Docker. These lightweight, standalone packages for running a variety of applications are valued for their effectiveness and easy integration with infrastructures. Such containers simplify application development, testing, and deployment; they offer exceptional scalability and allow companies to reduce their update release cycle.

According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the first quarter of 2025 increased by 7.23%, compared to the fourth quarter of 2024. At the same time, the number of unique threats decreased by almost a third—27.59%. This suggests that, while increasing the intensity of their attacks, threat actors were using the same malicious and unwanted applications in them more often. Malicious scripts with different functionality, ad-displaying trojans, and adware apps were the most widespread threats.

According to detection statistics collected by Dr.Web Security Space for mobile devices, ad-displaying Android.HiddenAds trojans remained the most common Android malware. Moreover, they were detected on protected devices more than twice as often as in the fourth quarter of last year. Second place once again went to Android.FakeApp malware, which cybercriminals use in various fraudulent schemes—their activity increased by almost 8%. Adware trojans from the Android.MobiDash family ranked third; the number of their detections almost quintupled.

From March 11, 2025, through March 31, 2025, Doctor Web is offering you the unique opportunity to purchase antivirus protection for your devices at a discount. When you simultaneously purchase a one-year license for Dr.Web Security Space for 1 computer and Dr.Web Security Space for 1 mobile device, you’ll get 10% off both products.

Dr.Web Family Security—our mobile application for digital security for the entire family—is now available for download on Google Play. During installation, you can take advantage of a free 14-day trial period to evaluate all of its features.

Create a secure digital environment with Dr.Web Family Security—the perfect solution for providing digital care for your loved ones.

In 2024, ad-displaying trojans were once again the most widespread Android threats. Fraudulent software, ransom trojans, clickers, and banking trojans were more active than in the previous year. Among the latter, compared to 2023, the most common were simple banking trojans that steal only online bank account access data and SMS confirmation codes.

In 2024, malicious programs created with the AutoIt scripting language and distributed as part of other malicious apps to make the latter more difficult to detect were once again among the most widespread threats. In addition, adware trojans and all kinds of malicious scripts were highly active. In email traffic, malicious scripts were also most commonly detected. Furthermore, threat actors used spam emails to distribute various trojans, phishing documents, and exploits that allow arbitrary code to be executed.

Doctor Web continues to improve the antispam module in its products to ensure that unsolicited emails can be filtered out even more effectively.

When analyzing telemetry data, virus analysts at Doctor Web identified malware samples that, upon closer examination, turned out to be components of an active campaign to mine the Monero cryptocurrency. This campaign is notable because it is implemented as a series of malware chains, two of which are based on executing scripts that extract malicious payloads from BMP image files.

According to detection statistics collected by Dr.Web Security Space for mobile devices, Android.HiddenAds ad-displaying trojans were the malware programs most frequently detected in the fourth quarter of 2024 (Q4). The second most common threats were Android.FakeApp trojans, which are used in fraudulent schemes. Trojans from the Android.Siggen family, capable of executing various malicious tasks, ranked third.

According to the statistics collected by the Dr.Web anti-virus, the total number of threats detected in the fourth quarter of 2024 decreased by 1.53%, compared to the third quarter. At the same time, the number of unique threats increased by 94.43%. Among the most commonly detected threats were adware programs and adware trojans, malicious scripts, and trojans that are distributed with other malware and used to make the main payload difficult to detect. The majority of detections in email traffic were due to malicious scripts, adware trojans, and cryptocurrency-mining trojans. Increased activity on the part of spyware malicious apps was also noted.

Malware analysts at “Doctor Web” warn about the emergence of new versions of the NGate banking trojan, targeting users in Russia. This trojan relays data from the NFC chip of the compromised device, allowing the attacker to withdraw money from the victim's accounts at ATMs without any victim’s involvement.