September 2011 from Kaspersky Lab

[Krumpelt]

Hi guys!
Kaspersky Lab presented monthly malware statistics and threats rating. Please read it if you have a interest for the full article:

http://www.securelist.com/en/analysis/204792195/Monthly_Malware_Statistics_September_2011

The cybercriminals’ new bag of tricks

BIOS infections: the final frontier?
September saw events that could well have a major bearing on the future development of malware and antivirus technology, following the discovery by experts from several antivirus companies of a Trojan capable of infecting BIOS...

Attacks against individual users

Closure of the Hlux/Kelihos botnet
September saw a major breakthrough in the battle against botnets – the closure of the Hlux botnet...

The DigiNotar hack
We have added the attack on Dutch certificate authority DigiNotar to the list of threats affecting individual users...

Pushing rogue AV via Skype
Back in March Skype calls were being used to lure unsuspecting users to download rogue antivirus programs. If users’ Skype settings didn’t restrict calls from people not on their contact list, then they may well have received calls from specially created malicious accounts with names such as ONLINE REPORT NOTICE or System Service...

Mobile threats
We detected 680 new variations of malicious programs for different mobile platforms in September – 559 of them were for Android...

SpitMo + SpyEye = stolen mTANs
There are currently two known mobile Trojans – ZitMo and SpitMo – that are designed to intercept text messages containing mTANs sent by banks to their online customers. The former works in tandem with ZeuS, while the latter is linked to another notorious Trojan – SpyEye...

Attacks via QR codes
At the end of September we detected the first attempts at using QR codes in malicious attacks. Nowadays a lot of people use their PCs to find new apps for their mobile devices...

MacOS threats: the new Trojan concealed inside a PDF
In late September our F-Secure colleagues detected yet more malicious code aimed at Mac OS X users (detected by Kaspersky Lab as Backdoor.OSX.Imuler.a). This malicious program is capable of receiving additional commands from a control server as well as downloading random files and screenshots to the server from an infected system...


Attacks on state and corporate networks

Attack on Mitsubishi
News about an attack on the Japanese corporation Mitsubishi appeared in the middle of the month, although our research suggests that it was most probably launched as far back as in July and entered its active phase in August...

Lurid
A potentially far more serious incident was uncovered by Trend Micro during research by the company’s experts. They managed to intercept requests to several servers that were being used to control a network of 1,500 compromised computers located mainly in Russia, former Soviet republics and countries in eastern Europe. This particular incident has been named Lurid...

Lessons from history: 10th anniversary of the Nimda worm
One of the more significant stories of the early 21st century was that of the Nimda worm. Ten years ago Nimda used a variety of methods to infect PCs and servers, but the most prominent infections, which amounted to a global epidemic, were spread via email attachments...

[Krumpelt]

Monthly Malware Statistics: October 2011

Hi guys!
Kaspersky Lab presented monthly malware statistics and threats rating. Please read it if you have a interest for the full article:

http://www.securelist.com/en/analysis/204792200/Monthly_Malware_Statistics_October_2011

October ratings:


Duqu – the new Stuxnet

Bundestrojan: permissible limits

Mobile threats: Android leads the way

Trojan-Spy.AndroidOS.Antammi.b.

Mac OS threats: new features

Japan: in the hackers’ sights

The US: new details about old incidents

[Raymond]

US still remains the top spot of having the most malwares.