The page may not load correctly.
October 9, 2019
In September, Dr.Web server statistics showed an increase in the total number of threats by 19.96%, as compared with the previous month. At the same time, the share of unique threats decreased by 50.45%. Users were mostly attacked by adware, as well as software downloaders and installers. In email traffic, again, prevailed the threats that exploit Microsoft Office vulnerabilities to infect devices.
The number of requests to decrypt files affected by trojan encoders has increased. Trojan.Encoder.858 was the most active encoder, accounting for 16.60% of all incidents. Besides, the database of non-recommended and malicious websites was updated with almost twice as many Internet addresses as in August.
The most common threats in September:
In September, Doctor Web’s technical support service registered 14.59% more requests to decode files encoded by trojan ransomware than in August.
The majority of cases involve the following encoders:
In September 2019, Dr.Web database was updated with 238,637 URLs of non-recommended websites.
In September, we detected a lot of malware on Google Play. Earlier this month, Doctor Web virus analysts detected the banking trojan Android.Banker.347.origin that attacked users from Brazil. It hooked text messages with confirmation codes and could load fraudulent websites at the command of attackers. Another banker, found at the end of the month, was dubbed Android.Banker.352.origin. It stole the credentials of users at the YoBit cryptocurrency exchange.
Among the threats spreading via Google Play were the trojan downloaders Android.DownLoader.920.origin and Android.DownLoader.921.origin that downloaded other malicious applications. Virus analysts have also detected the Android.HiddenAds adware trojans. Besides, our experts discovered several modifications of trojans of the Android.Joker family. They subscribed users to expensive services, could hook text messages, and transmitted the contact lists of infected devices to cybercriminals. These trojans could also download and then launch auxiliary modules and were able to execute arbitrary code.
Virus analysts have also identified new versions of riskware designed for cyber spying.
The following events are among the most notable regarding mobile security in September:
Find out more about malicious and unwanted programs for mobile devices in our special overview.