Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Doctor Web’s October 2019 virus activity review

November 13, 2019

In October, Dr.Web server statistics showed an increase in the total number of threats compared to September. The number of unique threats dropped by 6.86%. The most common threat in email traffic was malware that exploits vulnerabilities in Microsoft Office documents, as well as phishing newsletters. A password stealing trojan topped the list of detected malware and unwanted software, but adware still makes up the majority of all threats.

Principal trends in October

  • A drop in spreading activity of unique malware
  • An upturn in encoder activity

According to Doctor Web’s statistics servers

According to Doctor Web’s statistics servers #drweb

Threats of this month:

Trojan.PWS.Siggen2.34629
A trojan designed to steal passwords.
Adware.Elemental.14
Detects adware downloaded from file sharing services because of link spoofing. Instead of normal files, victims get applications that display advertising as well as install unwanted software.
Adware.SweetLabs.2
Alternative app store and add-on for Windows GUI from the creators of Adware.Opencandy.
Adware.Softobase.15
An installer that distributes outdated software. It changes browser settings.
Adware.Ubar.13
A torrent client that installs unwanted software on devices.
Trojan.InstallCore.3553
Another notorious adware installer. It displays ad banners and installs software without users’ permission.

Statistics for malware discovered in email traffic

Statistics for malware discovered in email traffic #drweb

Exploit.Rtf.CVE2012-0158
A modified Microsoft Office Word document that exploits the CVE2012-0158 vulnerability to execute malicious code.
W97M.DownLoader.2938
A modified Microsoft Office Word document that exploits the CVE2012-0158 vulnerability to execute malicious code.
PDF.Phisher.115
A PDF document used in phishing newsletters.
Exploit.ShellCode.69
A malicious Microsoft Office Word document that exploits the CVE-2017-11882 vulnerability.
Trojan.PWS.Siggen2.34629
A trojan designed to steal passwords.
Trojan.PWS.Stealer.19347
A family of trojans designed to steal passwords and other confidential information stored on an infected computer.

Encoders

In October, cases involving the following trojan encoders were most commonly registered by Doctor Web’s technical support service:

Encoders #drweb

Dangerous websites

In October 2019, the database of non-recommended and malicious websites was updated with 254,849 webpages.

September 2019 October 2019 Dynamics
+ 238 637 + 254 849 + 6.79%

Malicious and unwanted programs for mobile devices

Last month, Doctor Web virus analysts revealed a number of threats on Google Play. They included clicker trojans from the Android.Clickfamily that subscribed users to premium services. Cybercriminals also distributed the Android.HiddenAds trojan adware and the Android.SmsSpy, malware that hooked incoming text messages. In October, our experts detected new modifications to the Android.Joker trojan family. They were able to execute arbitrary code at cybercriminals’ command and clandestinely subscribe victims to costly mobile services.

The most noticeable October event related to mobile malware:

Find out more about malicious and unwanted programs for mobile devices in our special overview.

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040