The page may not load correctly.
July 26, 2022
The number of user requests to decrypt files affected by encoders rose by 17.26%, compared to May. Trojan.Encoder.26996 was once again the most widespread encoder type, accounting for 33% of all incidents.
The most common threats of the month:
The number of user requests to decrypt files affected by encoders increased by 17.26%, compared to May.
Last month, Doctor Web’s specialists continued tracing massive spam campaigns involving the distribution of emails containing links to fraudulent websites. In particular, fake websites of well-known oil and natural gas companies remain extremely popular among cybercriminals. When visiting such online resources, potential victims are invited to become investors, receive free assets or participate in prize draws. To do so, users are asked to “register” an account by providing their name, mobile phone number, and other personal information. In other cases, they need to pay for an allegedly required service, like a tax fee, a commission for transferring “winnings”, or currency conversion. In the end, victims of such scams receive nothing they were promised, and only ending up sending confidential data to malicious actors and losing money.
An example of an unwanted email containing a link to a fraudulent website and step-by-step instructions for users:
Examples of fraudulent websites offering registration, after which users will allegedly have a profitable natural gas trading opportunity:
In June, we saw the continued decrease in activity on the part of the Android.Spy.4498 trojan, which hijacks information from other apps’ notifications. However, this malware remains the most widespread Android threat. The activity of adware trojans also decreased, compared to May.
During June, our specialists discovered a large number of malicious applications on Google Play. Among them were Android.HiddenAds adware trojans, Android.FakeApp fraudulent apps, and trojans from the Android.PWS.Facebook family. The latter are designed to steal users’ Facebook logins and passwords. In addition, our malware analysts uncovered other trojans from the Android.Joker family that subscribe victims to paid mobile services.
The following June events related to mobile malware are the most noteworthy:
Find out more about malicious and unwanted programs for mobile devices in our special overview.