Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Redis honeypot: server with vulnerable Redis database reveals new SkidMap modification used to hide cryptocurrency mining process

Doctor Web virus analysts have identified a new rootkit modification that installs the Skidmap mining trojan on compromised Linux machines. This rootkit is designed as a malicious kernel module that hides the miner’s activity by providing fake information about CPU usage and network activity. This attack appears to be indiscriminate, primarily targeting the enterprise sector—large servers and cloud environments—where mining efficiency can be maximized.
03.10.2024 | About viruses | Real-time threat news

Doctor Web’s Q3 2024 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web Security Space for mobile devices, Android.FakeApp trojan apps, used by threat actors in various fraudulent schemes, were the malicious programs most frequently detected on protected devices in the third quarter of 2024. Adware trojans from the Android.HiddenAds family ranked second. The third most commonly detected threats were Android.Siggen trojans—programs that have different malicious functionality and that are difficult to classify into any particular family.
01.10.2024 | Updates | About viruses | Mobile threats | Virus reviews

Doctor Web’s Q3 2024 virus activity review

According to the detection statistics collected by the Dr.Web antivirus, the total number of threats detected in the third quarter of 2024 was up 10.81% over the previous quarter. The number of unique threats decreased by 4.73%. The majority of detections were due to adware programs. Also widespread were malicious scripts, ad-displaying trojans, and trojans distributed within other malware to make the latter more difficult to detect. In email traffic, malicious scripts and programs that exploit vulnerabilities in Microsoft Office documents were most commonly detected.
01.10.2024 | About viruses | Virus reviews

Doctor Web resumed virus database updates after the attack on its infrastructure

Now that the dangerous situation involving the attack on Doctor Web's infrastructure has been resolved successfully, we're happy to bring you up to speed on the latest developments and present the security incident's complete timeline.
18.09.2024 | Dr.Web products | Real-time threat news | Corporate news

Doctor Web's resources attacked



On Saturday, September 14, Doctor Web specialists recorded a targeted attack on the company's resources. The attempt to harm our infrastructure was prevented in a timely manner, and no user whose system was protected by Dr.Web was affected.
17.09.2024 | Real-time threat news | Corporate news

Void captures over a million Android TV boxes

Doctor Web experts have uncovered yet another case of an Android-based TV box infection. The malware, dubbed Android.Vo1d, has infected nearly 1.3 million devices belonging to users in 197 countries. It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software.
12.09.2024 | Dr.Web products | About viruses | Real-time threat news

Doctor Web Antivirus Laboratory Chief spoke on the growing threat to Linux at the annual cybersecurity forum in China

Doctor Web took part in the annual cybersecurity summit and international antivirus conference in Tianjin, China. The second CSST (Cyber Security Summit in Tianjin) event was devoted to the theme "Jointly Building Cyber Security and Governing Cyberspace".
09.09.2024 | Corporate news

Gaining persistence in a compromised system using Yandex Browser. Failed spear phishing attack on Russian rail freight operator.

Social engineering is a highly effective fraud technique that is difficult to withstand. A skilled attacker knows how to find the right approach to intimidate or persuade a victim to perform an action. But what if an attack requires little communication effort, and a computer stops being a digital assistant and becomes an unwitting accomplice?
04.09.2024 | Dr.Web products | About viruses | Real-time threat news

License coverage changes for Dr.Web Security Space for desktops and laptops—effective September 1, 2024

Starting September 1, 2024, Dr.Web Security Space licenses for desktops and laptops will no longer provide additional protection for Android devices.
30.08.2024 | Dr.Web products

Promo "Back to school!" – Get a 30% discount on Dr.Web Security Space

In the run-up to the new school year, Doctor Web is launching a promo: from August 21 to September 3, 2024, you can get 30% off comprehensive anti-virus protection for 4 computers for 1 year.
21.08.2024 | Dr.Web products | Promos

Dr.Web products for mobile devices now officially support Android OS 14

Doctor Web has added official support for Android OS 14 to all the versions of its mobile device products: Dr.Web Mobile Security Suite, Dr.Web Security Space for mobile devices, and the subscription-based Dr.Web Antivirus.
13.08.2024 | Dr.Web products | Updates

Components in Dr.Web products for Windows updated

Following the update of its standalone Dr.Web antiviruses for Windows, Doctor Web is introducing similar upgrades for its products that support remote administration via the Control Center. This update boosts application performance and further enhances antivirus security in Dr.Web-protected systems.
18.07.2024 | Dr.Web products | Updates

Dr.Web Security Space for Android TV temporarily unavailable on Google Play

Doctor Web is notifying users that its antivirus app Dr.Web Security Space for Android is temporarily unavailable on Google Play for download to Android TV devices. The availability interruption is caused by changes to the app publishing format requirements introduced by Google for Android TV.
09.07.2024 | Dr.Web products

Do shoot the messenger: Telegram-controlled backdoor trojan targets Linux servers

Doctor Web virus analysts exposed a Linux version of the well-known TgRat trojan, which is used for targeted attacks on computers. One notable feature of this trojan is that it is controlled via a Telegram bot.
04.07.2024 | Dr.Web products | Real-time threat news

Doctor Web’s Q2 2024 review of virus activity on mobile devices

According to detection statistics collected by the Dr.Web for Android anti-virus, in the second quarter of 2024, Android.HiddenAds adware-displaying trojans were most commonly detected on protected devices.
01.07.2024 | Updates | About viruses | Mobile threats | Virus reviews

Doctor Web’s Q2 2024 virus activity review

According to the detection statistics collected by the Dr.Web anti-virus, in the second quarter of 2024, the most common threats were unwanted adware programs and adware trojans, and also malware that is distributed as part of other trojans and used to make the latter more difficult to detect.
01.07.2024 | Dr.Web products | About viruses | Virus reviews

Full Dr.Web product support period extended for one year

Doctor Web has extended full support for its latest Dr.Web product releases by one year—until June 30, 2025.
27.06.2024 | Dr.Web products

Major component update in Dr.Web for Windows

Doctor Web is updating a number of software components in Windows for Dr.Web Desktop Security Suite 12.0, Dr.Web Server Security Suite 12.0, and Dr.Web Security Space 12.0. The update improves the applications’ performance and the anti-virus protection quality as well as Dr.Web’s compatibility with the operating system and other software.
24.06.2024 | Dr.Web products | Updates

Doctor Web’s annual virus activity review for 2023

In 2023, Trojan.AutoIt trojan apps, created with the AutoIt scripting language, were once again among the most active threats. They are distributed as part of other malicious software to make the latter more difficult to detect. Trojan.BPlug ad-displaying trojans and various malicious scripts were also highly active. In email traffic, the most commonly detected threats were various malicious scripts and phishing documents. Furthermore, attackers actively distributed malicious programs that exploited vulnerabilities in Microsoft Office documents. Various trojans were also among the threats distributed via email.
13.05.2024 | About viruses | Virus reviews

Smart-sex-toy users targeted by clicker trojan

Virus analysts at Doctor Web uncovered an Android application containing a clicker trojan that silently opens advertising sites and clicks on webpages. Such trojans can be used to stealthily display ads, generate click fraud, sign up unsuspecting victims for paid subscriptions or launch DDoS attacks.
04.05.2024 | Updates | Mobile threats | Real-time threat news

New version of the free anti-virus Dr.Web Light for Android

Russian anti-virus company Doctor Web has updated its free anti-virus Dr.Web Light for Android.
02.05.2024 | Dr.Web products | Updates

A special May offer — a 15% discount on Dr.Web Security Space to protect 2 computers for 2 years

The time has come to purchase Dr.Web protection on advantageous terms: for May 1-14, 2024, instead of costing 63,84 EUR (VAT incl.), Dr.Web Security Space comprehensive protection (2 computers / 2 years) will cost 54,26 EUR (VAT incl.).
01.05.2024 | Dr.Web products | Promos

Update to be released for Dr.Web vxCube sandbox

Please be aware that the cloud version of the Dr.Web vxCube sandbox will be updated shortly. Therefore, the service will be unavailable to users on April 24 from 13:00 to 14:00 MSK.
23.04.2024 | Updates

Doctor Web’s review of virus activity on mobile devices in 2023

In 2023, ad-displaying trojans were the most common Android threats. Compared with the year prior, spyware trojans were less active and ranked second in terms of the number of times they were detected on devices protected with the Dr.Web anti-virus.
17.04.2024 | About viruses | Virus reviews

Doctor Web’s February 2024 review of virus activity on mobile devices

According to detection statistics collected by the Dr.Web for Android anti-virus, February 2024 saw a significant increase in Android.HiddenAds trojan family activity―it was up 73.26% from January. At the same time, users were 58.85% less likely to encounter the adware trojan family Android.MobiDash.
01.04.2024 | Dr.Web products | Updates | About viruses | Mobile threats | Virus reviews