November 29, 2021
Our October analysis of Dr.Web’s statistics revealed a 34.87% increase in the total number of threats compared to the previous month. The number of unique threats increased by 39.75%. Nonetheless, adware still made up the majority of detected threats. These threats manifested with with different types of malware. Email traffic was the main way to distribute the PDF files used in phishing newsletters.
In October, we saw a 7.9% increase in user requests to decrypt files affected by encoders compared with September. Trojan.Encoder.26996 was the most active encoder, accounting for 44.02% of all incidents.
Principal trends in October
- Malware acrtivity increased
- Adware remains among the top threats
- PDF files spread in email traffic
According to Doctor Web’s statistics service
The most common threats in October:
- An alternative App Store and Add-On for Windows GUI (graphical user interface) by the creators of Adware, such as “OpenCandy".
- Adware often serving as an intermediary installer of pirate software.
- Adware that spreads through file-sharing services as a result of link spoofing. These links aren’t normal files. They’re applications that display advertisements and install unwanted software.
- A family of applications that install other software on the system.
Statistics for malware discovered in email traffic
- PDF files used in phishing newsletters.
In comparison with September, we saw a 7.9% increase in Uuser requests to decrypt files affected by encoders.
Dr.Web Security Space for Windows protects against encryption ransomware
In October 2021, Doctor Web’s analysts’ turned their attention to sites that offer promotional codes for AliExpress. Fraudsters ask to make purchases through an exclusive link.
This snapshot shows an official Aliexpress affiliate program. After purchasing of goods, the owner of the promotional code will receive money.
Malicious and unwanted programs for mobile devices
In October, adware trojans and other malicious programs threatened Android users. These programs download applications capable of executing arbitrary code.
Moreover, Doctor Web malware analysts detected new threats on the Google Play catalog. They discovered trojans that enroll victims in paid services. They noted the presence of trojans that steal login information and passwords from Facebook accounts. They also found other malicious programms that turn Android devices into proxy servers that redirect fraudulent traffic.
The following October events related to mobile malware are the most noteworthy:
- Detection of new threats on Google Play;
- Adware activity and trojans capable of downloading and executing arbitrary code;
Find out more about malicious and unwanted programs for mobile devices in our special overview.
Find out more with Dr.Web