The page may not load correctly.
April 3, 2019
In March, Doctor Web’s analysts finished studying the trojan that threatened the Counter-Strike 1.6 players. Included in the main threats identified in March is a dynamic in how principal threats compare to the previous month’s. For example, the activity of Trojan.MulDrop8.60634 has decreased three times since February, while the number of threats like Trojan.Packed.24060 and Adware.OpenCandy.243 increased in March. Additionally, the number of domain names added to Dr.Web’s database of non-recommended and dangerous websites has decreased. Doctor Web has also received more data decoding requests from ransomware victims.
In March Doctor Web’s analysts published a thorough study of the Belonard trojan, which exploits zero-day vulnerabilities in the Counter-Strike 1.6 Steam client. Once on the victim’s computer, the trojan replaces the client files and creates proxies to infect other users. The number of malicious CS 1.6 servers created by the Belonard trojan rose to 39% of all official servers registered on Steam. Now all modules of the Belonard Trojan have been successfully detected by Dr.Web’s products and no longer pose a threat to our customers.
Threats of the month:
Decreased amount of threats from:
In March, Doctor Web’s technical support was most often contacted by victims of the following encryption ransomware:
During March 2019, Doctor Web added 270,227 URLs into the Dr.Web database of non-recommended sites.
|February 2019||March 2019||Dynamics|
|+ 288 159||+ 270 227||- 6.63%|
In the past month Doctor Web specialists found many new malicious programs on Google Play. Among them was the infamous family of Android.FakeApp trojans that are distributed as programs for making money online. These trojans open websites that invite users to complete surveys for sponsored companies in exchange for some monetary prize. In order to receive the promised reward, a user must pay commission fees or complete a test transaction to confirm their identity. If they agree, the money gets lost and no reward is granted.
Beyond that, more trojans of the Android.HiddenAds family were discovered last month. Those trojans constantly show annoying ads on top of other program windows and the system’s interface, which makes it difficult to use the infected Android device.
Additionally, hackers continued to spread banking trojans. Doctor Web reported on one such trojan at the end of March. The malicious software known as Flexnet steals money from banking accounts and mobile phones balance.
At the end of the month, Doctor Web’s researchers disclosed details about the vulnerability in the popular Android browser, “UC Browser”, which was able to download plug-ins bypassing the Google Play servers. This vulnerability could have been exploited by hackers in order to spread malware.
Among the most noticeable events related to mobile malware in March:
Find out more about malicious and unwanted programs for mobile devices in our special overview.