Doctor Web’s November 2019 virus activity review

December 11, 2019

In November, Doctor Web server statistics confirmed a 3.66% growth in the number of detected threats compared with October. The number of unique threats grew by 9.59%. In email traffic, the most common threats exploited MS Office vulnerabilities. There was also a large number of trojan downloaders and stealers. Adware made up the majority of detected threats. Last month, we also found new Android malware on Google Play. The list featured a dangerous backdoor, trojan adware, and trojans that subscribed users to paid services.

PRINCIPAL TRENDS IN NOVEMBER

  • Growth in malware spreading activity
  • A decline in ransomware activity

According to Doctor Web statistics servers


Threats of this month:

Adware.Elemental.14
Adware downloaded from file-sharing services as a result of link spoofing. Instead of normal files, victims get applications that display advertising and install unwanted software.
Adware.SweetLabs.2
Alternative app store and add-on for Windows GUI from the creators of Adware.Opencandy.
Adware.Downware.19627
Adware that often serves as an intermediary installer of pirate software.
Adware.Ubar.13
A torrent client that installs unwanted software on devices.
Trojan.InstallCore.3553
Another notorious adware installer. It displays ad banners and installs software without users’ permission.

Statistics for malware discovered in email traffic


Exploit.Rtf.CVE2012-0158
A modified Microsoft Office document that exploits the CVE-2012-0158 vulnerability in order to run malicious code.
W97M.DownLoader.2938
A family of downloader trojans that exploit vulnerabilities in Microsoft Office documents and can download other malicious programs to a compromised computer.
PDF.Phisher.115
A PDF document used in phishing newsletters.
Exploit.ShellCode.69
A malicious Microsoft Office Word document that exploits the CVE-2017-11882 vulnerability.
Trojan.PWS.Stealer.23680
A family of Trojans designed to steal passwords and other confidential information stored on an infected computer.

Encoders

In November, Doctor Web’s technical support service most commonly dealt with the following trojan encoders:


Dangerous websites

In November 2019, Doctor Web added 162,581 URLs to the Dr.Web database of non-recommended websites.

October 2019 | November 2019 | Dynamics
+254,849     | +162,581      | -36.2%

Malicious and unwanted programs for mobile devices

In November, we detected new malware on Google Play. Again, users were targeted by trojan adware of the Android.HiddenAds family, which displayed obnoxious banners and interfered with normal use of Android devices. Apart from that, cybercriminals were spreading malware of the Android.Joker family. These trojans spy on victims and subscribe them to paid services, while some modifications can execute arbitrary code and launch extra malicious modules.

Doctor Web virus analysts also detected a new version of the Android.Backdoor.735.origin backdoor that executes cybercriminal commands and is designed as spyware.

The following November events relating to mobile malware are the most noteworthy:

Find out more about malicious and unwanted programs for mobile devices in our special overview.