Our October analysis of Dr.Web’s statistics revealed a 34.87% increase in the total number of threats compared to the previous month. The number of unique threats increased by 39.75%. Nonetheless, adware still made up the majority of detected threats. These threats manifested with with different types of malware. Email traffic was the main way to distribute the PDF files used in phishing newsletters.

In October, we saw a 7.9% increase in user requests to decrypt files affected by encoders compared with September. Trojan.Encoder.26996 was the most active encoder, accounting for 44.02% of all incidents.

Principal trends in October

Malware acrtivity increased
Adware remains among the top threats
PDF files spread in email traffic

According to Doctor Web’s statistics service

The most common threats in October:

Adware.SweetLabs.5: An alternative App Store and Add-On for Windows GUI (graphical user interface) by the creators of Adware, such as “OpenCandy".
Adware.Downware.19998: Adware often serving as an intermediary installer of pirate software.
Adware.Elemental.17: Adware that spreads through file-sharing services as a result of link spoofing. These links aren’t normal files. They’re applications that display advertisements and install unwanted software.
Adware.OpenCandy.247
Adware.OpenCandy.248: A family of applications that install other software on the system.

Statistics for malware discovered in email traffic

PDF.Phisher.313
PDF.Phisher.311
PDF.Phisher.314
PDF.Phisher.312
PDF.Phisher.321: PDF files used in phishing newsletters.

Encryption ransomware

In comparison with September, we saw a 7.9% increase in Uuser requests to decrypt files affected by encoders.

Trojan.Encoder.26996 — 44.02%
Trojan.Encoder.567 — 8.18%
Trojan.Encoder.30356 — 0.94%
Trojan.Encoder.11539 — 0.63%
Trojan.Encoder.28501 — 0.63%

Dr.Web Security Space for Windows protects against encryption ransomware

Configure Dr.Web to protect your computer from encryption ransomware!

Training course

About free recovery

Dr.Web Rescue Pack

Dangerous websites

In October 2021, Doctor Web’s analysts’ turned their attention to sites that offer promotional codes for AliExpress. Fraudsters ask to make purchases through an exclusive link.

This snapshot shows an official Aliexpress affiliate program. After purchasing of goods, the owner of the promotional code will receive money.

Find out more about Dr.Web non-recommended sites

Malicious and unwanted programs for mobile devices

In October, adware trojans and other malicious programs threatened Android users. These programs download applications capable of executing arbitrary code.

Moreover, Doctor Web malware analysts detected new threats on the Google Play catalog. They discovered trojans that enroll victims in paid services. They noted the presence of trojans that steal login information and passwords from Facebook accounts. They also found other malicious programms that turn Android devices into proxy servers that redirect fraudulent traffic.

The following October events related to mobile malware are the most noteworthy:

Detection of new threats on Google Play;
Adware activity and trojans capable of downloading and executing arbitrary code;

Find out more about malicious and unwanted programs for mobile devices in our special overview.

Find out more with Dr.Web

The Anti-virus Times

Training courses

Brochures

Educational projects

Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies

Doctor Web in social networks

Link accounts

For Telegram

Self-support