Virus library
Knowledge database
Last updated: 2020-03-05 10:13:10 MSK

Top virus chart

Tool.KMS.72.55%
JS.Siggen5.445901.91%
Tool.KMS.301.91%
Trojan.Equation.751.27%
Trojan.Equation.741.27%
Search in virus database

Dr.Web Rescue Pack

Doctor Web’s August 2020 virus activity review

[% DEFAULT FILE_REVIEW = ''; NAME_SOME_ARRAY_IN_MACROSNAME = [ { box => "Overview" }, { box => "Statistics" }, { box => "Encryption ransomware" }, { box => "Dangerous websites" }, { box => "Mobile devices" } ] #FILE_REVIEW = 'https://st.drweb.com/static/new-www/news/2020/DrWeb_review_august_2020.pdf' %] [% BLOCK global.tpl_blueprint.content %]

September 16, 2020

The August analysis of Dr.Web’s statistics revealed a notable decrease in the total number of detected threats — by 67.16% compared to the previous month. The number of unique threats dropped by 9.85%. Adware and malware installers still made up the majority of detected threats. Email traffic was still dominated by the programs that exploit vulnerabilities in Microsoft Office programs. In addition, users were threatened by malicious HTML documents that were distributed as attachments and redirected users to phishing websites.

In August, the number of user requests to decrypt files affected by encoders decreased by 2.5% compared with July. Trojan.Encoder.26996 was the most active encoder, accounting more than a quarter of all incidents.

Principal trends in August

  • A decline in malware activity
  • A decline in the number of unique threats

According to Doctor Web’s statistics service

According to Doctor Web’s statistics service #drweb

The most common threats in August:

Trojan.LoadMoney.4020
A family of malware installers that deploy additional components on victims’ computers along with the required applications. Some trojan modifications can collect various information about the attacked computer and transmit it to hackers.
Adware.Downware.19741
Adware that often serves as an intermediary installer of pirate software.
Adware.Softobase.15
Installation adware that spreads outdated software and changes the browser settings.
Adware.Elemental.17
Adware that spreads through file sharing services as a result of link spoofing. Instead of normal files, victims receive applications that display advertisements and install unwanted software.
Adware.Ubar.18
A torrent client designed to install unwanted programs on a user’s device.

Statistics for malware discovered in email traffic

Statistics for malware discovered in email traffic #drweb

W97M.DownLoader.2938
A family of downloader trojans that exploits vulnerabilities in Microsoft Office documents and can download other malicious programs to a compromised computer. Designed to download other malware onto a compromised computer.
Exploit.CVE-2012-0158
A modified Microsoft Office document that exploits the CVE-2012-0158 vulnerability in order to run malicious code.
HTML.Redirector.35
HTML.Redirector.32
Malicious HTML documents that are often disguised as harmless email attachments. Upon opening, the code redirects users to phishing websites or downloads payload with malware to the computers.
Tool.KMS.7
Hacking tools used to activate illegal copies of Microsoft software.

Encryption ransomware

In August, Doctor Web’s virus laboratory registered 2.5% fewer requests to decode files encoded by trojan ransomware than in July.

Encryption ransomware #drweb

Dr.Web Security Space for Windows protects against encryption ransomware

Training course
Dr.Web Rescue Pack

Dangerous websites

In August 2020, Doctor Web added 174,501 URLs to the Dr.Web database of non-recommended websites.

July 2020 August 2020 Dynamics
+ 198,467 + 174,501 - 12.08%
Non-recommended websites

Malicious and unwanted programs for mobile devices

In August, Doctor Web malware analysts detected new threats on the Google Play catalog. Numerous modifications of the Android.FakeApp family were among them. This trojans were distributed under the guise of reference software with bogus information about how to get a VAT refund and social benefits. In fact, they downloaded fraudulent websites used by attackers to steal money and personal information from victims. In addition, our specialists uncovered another modification from dangerous Android.Joker trojan family. It downloaded and ran arbitrary code, as well as subscribed Android users to paid services.

The following August events related to mobile malware are the most noteworthy:

Learn more about malicious and unwanted programs for mobile devices in our August overview.

Find out more with Dr.Web

Training courses
Educational projects
[% END %]

Back to articles list

BUY from our partners | online | with mobile | Add to the library
Company | News&Events | Send a virus | Online scanner | Privacy policy | Site map
[You Tube] [Twitter] [Facebook] [Instagram] [Spiceworks]
Doctor Web is the Russian developer of Dr.Web anti-virus software. We have been developing our products since 1992. The company is a key player on the Russian market for software that meets the fundamental need of any business — information security. Doctor Web is one of the few anti-virus vendors in the world to have its own technologies to detect and cure malware. Our anti-virus protection system allows the information systems of our customers to be protected from any threats, even those still unknown. Doctor Web was the first company in Russia to offer an anti-virus as a service and, to this day, is still the undisputed Russian market leader in Internet security services for service providers. Doctor Web has received state certificates and awards; our satisfied customers spanning the globe are clear evidence of the high quality of the products created by our talented Russian programmers.

www.drweb.com | estore.drweb.com | curenet.drweb.com | www.av-desk.com | free.drweb.com