The page may not load correctly.
January 27, 2023
The number of user requests to decrypt files affected by encoders decreased by 1.5%, compared to November. Most often, victims were targeted by Trojan.Encoder.3953, Trojan.Encoder.26996, and Trojan.Encoder.34027.
During December, Doctor Web’s malware analysts again discovered many new threats on Google Play. Among them were both trojan and unwanted applications.
The most common threats of the month:
In December 2022, the number of requests to decrypt files damaged by encoder trojans decreased by 1.5%, compared to November.
In December 2022 Doctor Web’s Internet analysts again observed an increased number of websites disguised as the online resources of large Russian oil and natural gas companies. On those sites, potential victims were offered the chance to make a profitable investment in certain projects.
The screenshot above depicts an example of one such site. Fraudsters offer users the opportunity to trade in natural gas, while the webpage contains fake counters for the total number of visitors and the number of membership positions left to register. The second counter shows that almost no positions are left. This method is used to push victims into making an impulse purchase—they agree to the offer without planning in advance and under the influence of their emotions. To “begin” trading, site visitors are required to provide personal information.
According to detection statistics collected by Dr.Web for Android, the last month of 2022 saw an increase in adware trojan and spyware activity. With that, during December, many new threats were once again discovered on Google Play. Among them were dangerous trojans from the Android.Joker family that subscribed victims to paid services, fake apps from Android.FakeApp family that are used in various fraudulent schemes, and unwanted software.
The following December events involving mobile malware are the most noteworthy:
Find out more about malicious and unwanted programs for mobile devices in our special overview.