The page may not load correctly.
May 13, 2021
In April, an analysis of Dr. Web’s statistics revealed a 1.73% increase in the total number of threats compared to the previous month. The number of unique threats dropped by 35.6%. Adware still made up the majority of detected threats. Various malware that includes obfuscated, malicious scripts and programs exploiting vulnerabilities in Microsoft Office utilities were the most frequently detected threats in email traffic.
In April, the number of user requests to decrypt files affected by encoders decreased by 2.73% compared with March. Trojan.Encoder.567 was the most active, accounting for 15.71% of all incidents.
The most common threats in April:
In April, Doctor Web's virus laboratory received 2.73% fewer requests to decrypt files from users affected by ransomware compared to the previous month.
In April 2021, Doctor Web's Internet analysts discovered many phishing sites. Among other things, attackers faked web pages of household appliance stores. For example, the fraudulent sites were disguised as official resources of M.Video. After clicking the “Go to site” button, users found themselves in a fake online store.
This is a snapshot of the fraudulent website with a fake promocodes.
Attackers lured victims to phishing sites using social engineering. They expected that in the hope of getting cheaper goods, buyers would activate special promotional codes. If the user fell for the trick, the fraudster received personal data, which was used, for example, to debit money from the victim's bank account.
In addition, in April, there were cases of redirection to fake payment system sites. There, users entered their bank card details, confirmed the payment, but did not receive the products.
Last month, Doctor Web virus analysts found out that one of the versions of the client application of the popular third-party catalog of Android programs, APKPure, contains malicious functionality. The trojan detected in it, Android.Triada.4912, used an auxiliary component to download other programs and display various websites.
In addition, our experts identified the first malicious applications in the AppGallery software catalog. They are trojans from the Android.Joker family, capable of executing arbitrary code and subscribing users to paid mobile services.
In addition, another trojans from the Android.FakeApp family, used for fraudulent purposes, were found on Google Play.
The following April events related to mobile malware are the most noteworthy:
Find out more about malicious and unwanted programs for mobile devices in our special overview.