Fujitsu fi 4120c2
Fujitsu fi 4120c2.
Kaspersky Lab Virus Activity Review – August 2021
Kaspersky Lab publishes the twenty most widespread malicious programs for the past period every month. The main distinguishing feature of the G20 is the statistical base on which the data is analyzed. Unlike other similar projects, Kaspersky Lab accumulates and processes information not only from users (both home and corporate), but also from the largest free mail services – members of the Mail under Protection program, serving more than 80% of the Russian Internet. Thanks to this, users of not only Kaspersky Anti-Virus, but also all other anti-virus complexes become participants in the study. In general, this method of collecting primary data allows you to compile the most complete picture of the prevalence of malicious programs.
August once again turned out to be a “dead season” in terms of viral epidemics. The last time a major epidemic was recorded in August was in 2021, when it was the Lovesan worm. Since then, the last month of summer has become the calmest and quietest – as a reflection of the vacation period for virus writers and specialists of antivirus companies.
Even the waves of Warezov and Zhelatin worms, which have already become traditional, disappeared in August. July leader Warezov.pk exhausted its resource and at one moment disappeared from the screens of anti-virus radars. However, we remember that the springboard for Warezov.pk was prepared back in May using the Agent Trojan.bcs. So in August, in the top twenty, you can find a new program that creates a botnet and prepares a new epidemic – this is Trojan-Downloader.Win32.Agent.brk. It looks like September will see a significant spike in email threats.
As always, against the background of the weakening or disappearance of the newcomer leaders, relics return to high positions: in August, NetSky again took the first place.q. For three and a half years of its existence, the scale of its distribution has not changed at all, and it is completely unclear what else antivirus companies need to do in order to finally remove this infection from the Web.
The strange increase in the presence of worms of the Womble family in traffic continues. In July Exploit.Win32.IMG-WMF.y rose by 7 positions, in August it gained two more and entered the top ten (8th place). IMG-WMF.y is a component of all Womble worms, and if in July it “dragged” with itself into the Womble rating.d, then Womble joined them in August.a. All these worms were discovered a year ago, in August 2021, but only now have they managed to show themselves so noticeably in mail traffic.
Returned last month to the top twenty Scano.gen in August became the absolute leader in growth – immediately up five positions and is already 12th. Quite a serious application for consolidation in the rating. It is possible that he will be able to repeat the story of a very similar worm – Feebs.gen, which also went up in the same way and for two months in a row has been held in fifth place.
Other malicious programs present in mail traffic accounted for a significant percentage – 7.76% – of the total number of intercepted ones, which indicates a fairly large number of other worms and Trojans belonging to other families.
- Two new malicious programs appeared in the top twenty: Email-Worm.Win32.Womble.a, Trojan-Downloader.Win32.Agent.brk.
- Improved their performance: Email-Worm.Win32.NetSky.q, Email-Worm.Win32.Bagle.gt, Email-Worm.Win32.NetSky.aa, Net-Worm.Win32.Mytob.c, Email-Worm.Win32.Mydoom.l, Exploit.Win32.IMG-WMF.y, Net-Worm.Win32.Mytob.t, Email-Worm.Win32.NetSky.b, Email-Worm.Win32.NetSky.x, Email-Worm.Win32.Scano.gen, Net-Worm.Win32.Mytob.u.
- Lowered their metrics: Email-Worm.Win32.NetSky.t, Email-Worm.Win32.Womble.d, Virus.Win32.Grum.a.
- Have not changed their position: Worm.Win32.Feebs.gen, Email-Worm.Win32.Mydoom.m.
- Back in Top Twenty: Net-Worm.Win32.Mytob.dam, Net-Worm.Win32.Mytob.bt.