Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Doctor Web’s October 2021 virus activity review

November 29, 2021

Our October analysis of Dr.Web’s statistics revealed a 34.87% increase in the total number of threats compared to the previous month. The number of unique threats increased by 39.75%. Nonetheless, adware still made up the majority of detected threats. These threats manifested with with different types of malware. Email traffic was the main way to distribute the PDF files used in phishing newsletters.

In October, we saw a 7.9% increase in user requests to decrypt files affected by encoders compared with September. Trojan.Encoder.26996 was the most active encoder, accounting for 44.02% of all incidents.

Principal trends in October

  • Malware acrtivity increased
  • Adware remains among the top threats
  • PDF files spread in email traffic

According to Doctor Web’s statistics service

According to Doctor Web’s statistics service

The most common threats in October:

Adware.SweetLabs.5
An alternative App Store and Add-On for Windows GUI (graphical user interface) by the creators of Adware, such as “OpenCandy".
Adware.Downware.19998
Adware often serving as an intermediary installer of pirate software.
Adware.Elemental.17
Adware that spreads through file-sharing services as a result of link spoofing. These links aren’t normal files. They’re applications that display advertisements and install unwanted software.
Adware.OpenCandy.247
Adware.OpenCandy.248
A family of applications that install other software on the system.

Statistics for malware discovered in email traffic

Statistics for malware discovered in email traffic

PDF.Phisher.313
PDF.Phisher.311
PDF.Phisher.314
PDF.Phisher.312
PDF.Phisher.321
PDF files used in phishing newsletters.

Encryption ransomware

In comparison with September, we saw a 7.9% increase in Uuser requests to decrypt files affected by encoders.

Encryption ransomware

Dangerous websites

In October 2021, Doctor Web’s analysts’ turned their attention to sites that offer promotional codes for AliExpress. Fraudsters ask to make purchases through an exclusive link.

Dangerous websites

This snapshot shows an official Aliexpress affiliate program. After purchasing of goods, the owner of the promotional code will receive money.

Malicious and unwanted programs for mobile devices

In October, adware trojans and other malicious programs threatened Android users. These programs download applications capable of executing arbitrary code.

Moreover, Doctor Web malware analysts detected new threats on the Google Play catalog. They discovered trojans that enroll victims in paid services. They noted the presence of trojans that steal login information and passwords from Facebook accounts. They also found other malicious programms that turn Android devices into proxy servers that redirect fraudulent traffic.

The following October events related to mobile malware are the most noteworthy:

Find out more about malicious and unwanted programs for mobile devices in our special overview.

© Doctor Web
2003 — 2022

Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies