The page may not load correctly.
June 14, 2022
In May, the number of user requests to decrypt files affected by encoders decreased by 2.53%, compared to the previous month. Trojan.Encoder.26996 was the most active, accounting for almost 37.47% of all incidents.
The most common threats of the month:
User requests to decrypt files affected by encoders decreased by 2.53%, compared to the previous month.
In May 2022, the number of sites masquerading as official download pages of various popular software continued to grow. Cybercrooks continued to use these websites to spread bogus installers that delivered adware and malware to users’ computers.
The snapshot above shows an example of such a website and the launch of such an installer. The website has a certificate with a valid digital signature and additionally notifies the user that the file is allegedly safe to run.
In May, Android.Spy.4498, which steals information from other apps’ notifications, was again the most common mobile threat. That said, its activity continued to decrease. Advertisement trojans from the Android.HiddenAds family also remained among the most widespread Android threats. Their activity, on the contrary, increased slightly compared to April.
During May, Doctor Web analysts discovered new malicious programs in the Google Play catalog. Among them are fraudulent apps from the Android.FakeApp family and Android.Subscription trojans that subscribe users to paid services. Above that, new variants of trojans from Android.PWS.Facebook family were revealed. They steal credentials and other data that is needed to hack Facebook accounts. Fraudsters also spread Android.HiddenAds advertisement trojans in the Google Play catalog.
The following May events related to mobile malware are the most noteworthy:
Find out more about malicious and unwanted programs for mobile devices in our special overview.
© Doctor Web
2003 — 2023
Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies