Malware 2020
| DATE | NAME | INFO | CATEGORY | SUBCATE |
| 28.12.20 | Win32/Filecoder.Avaddon.C | Win32/Filecoder.Avaddon.C is a trojan that encrypts files on fixed, removable and network drives. | MALWARE | |
| 16.12.20 | Backdoor.MSIL.SUNBURST.A | This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. | MALWARE | |
| 16.12.20 | Trojan.MSIL.SUPERNOVA.A | This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. | MALWARE | |
| 28.10.20 | | The trojan serves as a proxy server. The trojan can modify network traffic. | MALWARE | |
| 24.10.20 | | The trojan serves as a proxy server. The trojan can modify network traffic. | MALWARE | |
| 15.10.20 | | Cybercriminals used this malware bundled with legitimate installation copies of the VPN software known as Windscribe. | MALWARE | |
| 16.8.20 | | Win32/Rozena.XM is a trojan which tries to download other malware from the Internet. | MALWARE | |
| 7.8.20 | | Win32/Filecoder.WastedLocker.A is a trojan that encrypts files on local drives. | MALWARE | |
| 16.7.20 | | This new Mirai variant exploits CVE-2020-10173, a vulnerability in Comtrend VR-3033 routers. | MALWARE | |
| 16.7.20 | | Cybercriminals take advantage of the popularity of the Zoom messaging app. This backdoor is found in a fake Zoom installer. | MALWARE | |
| 6.7.20 | | The trojan serves as a backdoor. It can be controlled remotely. | MALWARE | |
| 6.7.20 | | Win32/Spy.Buhtrap.AP is a trojan that installs Win32/Spy.Buhtrap.AB malware. | MALWARE | |
| 23.4.20 | | This AutoIt-compiled malware downloads a coinminer onto affected systems. Cybercriminals distribute this malware by bundling it with a legitimate installer of the Zoom communication app. | MALWARE | |
| 23.4.20 | | Win32/Filecoder.Maze.A is a trojan that encrypts files on fixed, removable and network drives. | MALWARE | |
| 29.3.20 | | This POWLOAD variant is seen distributed via spam. The spam campaign is in Italian and lures users to click by using COVID-19 in its subject. | MALWARE | |
| 6.3.20 | | Win32/Filecoder.Phobos.C is a trojan that encrypts files on fixed, removable and network drives. | MALWARE | |
| 15.1.20 | | This is the Trend Micro detection for the backdoor installed by the PowerTrick post-exploitation toolkit, believed to have been developed by the creators of Trickbot. | MALWARE | |
| 15.1.20 | | This backdoor comes bundled with a Monero miner, both spread by a botnet. | MALWARE | |
| 15.1.20 | | This malware was seen delivered via malicious spam spoofing the brand DHL as the sender. It came as an . | MALWARE | |
| 15.1.20 | | This new version of KERBERDS, a known crypto-mining malware that uses an ld.so. | MALWARE | |
| 15.1.20 | | This new version of KERBERDS, a cryptomining malware that uses an ld.so. | MALWARE | |
| 15.1.20 | | This malware is part of the fileless botnet Novter that is delivered via the KovCoreG malvertising campaign. | MALWARE | |
| 15.1.20 | | This malware is part of the fileless botnet Novter distributed by the KovCoreG malvertising campaign. | MALWARE | |
| 15.1.20 | | This rootkit is used by Skidmap, a Linux malware, to hide its cryptocurrency-mining abilities. | MALWARE | |
| 15.1.20 | | This miner figured in the fileless GhostMiner that uses WMI Objects. GhostMiner is known to kill other competing miner payloads. | MALWARE | |
| 15.1.20 | | This backdoor is seen propagating via CVE-2018-18636, a cross-site scripting vulnerability affecting the wireless router D-Link DSL-2640T. | MALWARE | |
| 15.1.20 | | This malware is part of an attack chain that involves searching for exposed or publicly accessible Elasticsearch databases/servers. | MALWARE | |
| 15.1.20 | | This backdoor is downloaded and installed in systems via a malicious URL. It is installed with a miner. | MALWARE | |
| 15.1.20 | | This IoT malware uses two different encryption routines for its strings and modifies the magic number of UPX. | MALWARE | |
| 15.1.20 | | This ransomware is one of the few ransomware families that is loaded and executed under the legitimate PowerShell executable. | MALWARE | |
| 15.1.20 | | This backdoor comes bundled with a Monero miner, both spread by a botnet. The techniques employed are reminiscent of the Outlaw hacking group that Trend Micro reported in November 2018. | MALWARE | |
| 15.1.20 | | This malware is part of the newly discovered BLACKSQUID malware family that targets web servers, network drives, and removable drives using multiple web server exploits and dictionary attacks. | MALWARE | |
| 15.1.20 | | This new Mirai variant uses a total of 13 different exploits, almost all of which have been used in previous Mirai-related attacks. | MALWARE | |
| 15.1.20 | | This Dharma variant uses a new technique: using software installation as a distraction to help hide malicious activities. | MALWARE | |
| 15.1.20 | | This malware is responsible for dropping the cryptocurrency miner Coinminer.Linux. | MALWARE | |
| 15.1.20 | | This malware is part of the leaked source code of Carbanak, as reported by FireEye in April 2019. | MALWARE | |
| 15.1.20 | | This malware has the capability of downloading and installing plugins from a remote server. This feature allows the malware to be more flexible in its attacks. | MALWARE | |
| 15.1.20 | | This malware is involved in the Blackhole Exploit Kit (BHEK) attacks in January 2013. It takes advantage of a zero-day vulnerability (CVE-2013-0422) in Java in order to drop ransomware. | MALWARE | |
| 15.1.20 | | This malware is involved with a spam attack during January 2013. | MALWARE | |
| 15.1.20 | | This malware was involved in the Red October campaign, a series of attacks targeting diplomatic and government agencies. | MALWARE | |
| 15.1.20 | | This malware was involved in the Red October campaign, a series of attacks targeting diplomatic and government agencies. | MALWARE | |
| 15.1.20 | | This malware claims to be an update installer for Java. Once installed, it downloads malicious files onto the affected system and executes them, causing routines to be exhibited. | MALWARE | |
| 15.1.20 | | The malware tags the affected users' friends on Facebook and posts a message with a malicious link. | MALWARE | |
| 15.1.20 | | This malware spams messages to users using Skype in order to propagate. The spammed messages contain links that lead to an automatic download of the malware itself. | MALWARE | |
| 15.1.20 | | This malware spams messages to users using Skype in order to propagate. The spammed messages contain links that lead to an automatic download of the malware itself. | MALWARE | |
| 15.1.20 | | This is a keylogger found inside a spammed email message that purports to come from the Cabinet Office Information Systems Office. | MALWARE | |
| 15.1.20 | | This malware targets systems running on Linux. It allows remote access of affected systems through the use of SSH (Secure Shell Protocol) and steals system login credentials. | MALWARE | |
| 15.1.20 | | This backdoor is a new variant of the malware family CARBERP. | MALWARE | |
| 15.1.20 | | This backdoor is a new variant of the malware family CARBERP. | MALWARE | |
| 15.1.20 | | This malware disguises itself as delivery receipts for well-known postal and delivery services firms and airlines. | MALWARE | |
| 15.1.20 | | This malware is related to the Whitehole Exploit Kit attacks during February 2012. | MALWARE | |
| 15.1.20 | | This malware is a cross-platform threat, affecting both Android and Windows. | MALWARE | |
| 15.1.20 | | This malware takes advantage of zero-day vulnerabilities in Adobe Flash Player to drop malicious files. | MALWARE | |
| 15.1.20 | | This is a backdoor builder written in Java. It has been seen as a free download in underground forums. | MALWARE | |
| 15.1.20 | | This malware was involved in a zero-day Java vulnerability exploit attack in January 2013. | MALWARE | |
| 15.1.20 | | This malware exploits vulnerabilities related to CVE-2013-0431. | MALWARE | |
| 15.1.20 | | The malware uses techniques similar to those of PlugX, like process injection and the use of a blob file. | MALWARE | |
| 15.1.20 | | This is a specially crafted PDF which takes advantage of a recent vulnerability in Adobe (CVE-2013-0641) to drop MiniDuke malware. | MALWARE | |
| 15.1.20 | | This backdoor is downloaded before through a previous zero-day Java exploit, now tagged as CVE-2013-1493. | MALWARE | |
| 15.1.20 | | This malware is signed with a legitimate digital certificate, which tricks users into thinking that it is a legitimate file. | MALWARE | |
| 15.1.20 | | This malware takes advantage of a zero-day Java vulnerability. Once it has successfully exploited the vulnerability, it downloads and executes an McRAT backdoor. | MALWARE | |
| 15.1.20 | | This malware is involved in certain targeted attacks that took place in March 2013. It drops and opens non-malicious document files to hide its backdoor routines. | MALWARE | |
| 15.1.20 | | This spyware is distributed through ATO tax spam. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below. | MALWARE | |
| 15.1.20 | | This malware is involved in the Master Boot Record (MBR) wiper outbreak that targeted users in South Korea during March of 2013. | MALWARE | |
| 15.1.20 | | This malware is involved in the Master Boot Record (MBR) wiper outbreak that targeted users in South Korea during March of 2013. | MALWARE | |
| 15.1.20 | | This malware is involved in the cyber attacks that targeted specific users in South Korea during March of 2013. | MALWARE | |
| 15.1.20 | | This malware connects to Evernote to receive and perform commands from remote malicious users. | MALWARE | |
| 15.1.20 | | This malware intercepts network traffic accessing Facebook and redirects it to a fraudulent page that will lead users into entering their credit card information. | MALWARE | |
| 15.1.20 | | This malware is involved in a malicious spam campaign leveraging the April 2013 Boston Marathon Bombing. | MALWARE | |
| 15.1.20 | | This malware is involved in a malicious spam campaign leveraging the April 2013 Boston Marathon Bombing. | MALWARE | |
| 15.1.20 | | This backdoor is served via a spammed message that leads to a Blackhole Exploit Kit. | MALWARE | |
| 15.1.20 | | This malware connects to a blogging service to receive and perform commands from remote malicious users. | MALWARE | |
| 15.1.20 | | This malware is the final payload of a targeted attack campaign leveraging the April 2013 Boston Marathon Bombing. | MALWARE | |
| 15.1.20 | | This malware uses multi-protocol instant-messaging applications in order to propagate itself. | MALWARE | |
| 15.1.20 | | This backdoor was downloaded by a malicious script hosted on a compromised website of the US Department of Labor. | MALWARE | |
| 15.1.20 | | This malicious script was inserted onto a legitimate website of the US Department of Labor and downloads a Poison Ivy backdoor. | MALWARE | |
| 15.1.20 | | This malware was involved in an attack targeting Banco de Brasil users during May 2013. It came bundled as a plugin for a customized banking browser. | MALWARE | |
| 15.1.20 | | This malware was involved in a malicious spam attack targeting Walmart customers in May 2013. | MALWARE | |
| 15.1.20 | | This malware propagates by creating copies of itself in password-protected archives. | MALWARE | |
| 15.1.20 | | Spammers take advantage of the news regarding the supposed merging of Skype, Hotmail, and MSN to lure users into downloading this malware. | MALWARE | |
| 15.1.20 | | This is involved in an exploit attack targeting a critical vulnerability of Ruby on Rails. | MALWARE | |
| 15.1.20 | | This is the detection for exploit code that takes advantage of a vulnerability in the hosting control panel Plesk. | MALWARE | |
| 15.1.20 | | This malware uses DLL preloading, a technique better known for being utilized by PlugX. | MALWARE | |
| 15.1.20 | | This Android malware leads users to a fake adult dating website. | MALWARE | |
| 15.1.20 | | This Android malware installs itself as an administrator and uses a vulnerability found in Android. | MALWARE | |
| 15.1.20 | | This malware is related to the security incident that affected certain government and news websites in South Korea. | MALWARE | |
| 15.1.20 | | This malware was found to be hosted on certain compromised South Korean websites. | MALWARE | |
| 15.1.20 | | This spyware is related to the bogus project dubbed flashplayerwindows. When executed, it connects to Google Code to download other files. | MALWARE | |
| 15.1.20 | | This FARFEIT variant is the final payload of a Blackhole Exploit Kit related spam run. | MALWARE | |
| 15.1.20 | | This malware is related to the malicious link spammed via Facebook that allegedly points to a video recording of a young woman committing suicide on camera. | MALWARE | |
| 15.1.20 | | This malware is related to the Blackhole Exploit Kit spam campaign in July 2013. | MALWARE | |
| 15.1.20 | | This malware is related to a spammed message that leverages the news on the “Royal Baby.” | MALWARE | |
| 15.1.20 | | This is a malicious applet that downloads and executes a file infector detected as PE_EXPIRO.JX-O. | MALWARE | |
| 15.1.20 | | This file infector arrives via a malicious Java applet. | MALWARE | |
| 15.1.20 | | This malware poses as an Opera update. Cybercriminals behind this threat stole an outdated Opera digital certificate, which they used to sign this malware. | MALWARE | |
| 15.1.20 | | It drops a distributed denial of service (DDoS) component that targets primary and secondary DNS name servers of record for multiple South Korean government sites. | MALWARE | |
| 15.1.20 | | This ZBOT variant was used in a spam run which takes advantage of the UK Tax Return deadline. | MALWARE | |
| 15.1.20 | | This ZBOT variant was used in a spam run which takes advantage of the UK Tax Return deadline. | MALWARE | |
| 15.1.20 | | This is the Trend Micro detection for the KINS Trojan, dubbed the next ZeuS by media reports. Similar to ZeuS/ZBOT, it downloads a configuration file and steals online banking credentials. | MALWARE | |
| 15.1.20 | | This backdoor is used by cybercriminals to brute-force many WordPress blogs via logging into administrator pages. | MALWARE | |
| 15.1.20 | | This backdoor is related to the Sykipot campaign that targets the United States civil aviation sector. | MALWARE | |
| 15.1.20 | | This backdoor is the detection for malicious attachments in email messages that spoof the 2013 G20 Summit in Russia. | MALWARE | |
| 15.1.20 | | This malware is associated with the reported increase in the number of Tor users. It has the capability to execute commands and download adware onto the infected system. | MALWARE | |
| 15.1.20 | | This is the malware associated with the fake WhatsApp notification. | MALWARE | |
| 15.1.20 | | This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store information in the affected system's registry. | MALWARE | |
| 15.1.20 | | This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store information in the affected system's registry. | MALWARE | |
| 15.1.20 | | This malware is one of the latest ransomware variants known as cryptolockers. | MALWARE | |
| 15.1.20 | | This malware makes use of “garbage” strings, which actually hide the malicious code. | MALWARE | |
| 15.1.20 | | This malware is involved in the CryptoLocker ransomware malicious spam campaign spotted in October 2013. | MALWARE | |
| 15.1.20 | | This malware is involved in a ZBOT spam campaign that targeted British users. | MALWARE | |
| 15.1.20 | | This CryptoLocker is downloaded by a ZeuS/ZBOT variant detected as TSPY_ZBOT.VNA. | MALWARE | |
| 15.1.20 | | This malware is involved in the targeted attacks that took advantage of an unpatched Microsoft Office vulnerability, namely CVE-2013-3906, in November 2013. | MALWARE | |
| 15.1.20 | | This malware is involved in the targeted attacks that took advantage of an unpatched Microsoft Office vulnerability, namely CVE-2013-3906, in November 2013. | MALWARE | |
| 15.1.20 | | This malware was used in the EvilGrab campaign, which targets victims in Japan and China. | MALWARE | |
| 15.1.20 | | This malware exploits a Windows XP/Server 2003 zero-day vulnerability. | MALWARE | |
| 15.1.20 | | This malware is the final payload of an attack that utilized a zero-day vulnerability in Windows XP/Server 2003. | MALWARE | |
| 15.1.20 | | This is a Cryptolocker variant that has propagation routines, enabling it to easily spread to other systems. | MALWARE | |
| 15.1.20 | | This malware is part of the 64-bit ZBOT samples that have been spotted to target 64-bit systems during January 2014. | MALWARE | |
| 15.1.20 | | This malware is part of the 64-bit ZBOT samples that have been spotted to target 64-bit systems during January 2014. | MALWARE | |
| 15.1.20 | | This ZBOT variant drops a configuration file that contains a list of its targeted banks and other financial sites. | MALWARE | |
| 15.1.20 | | This malware uses an AutoIT packer, a scripting language leveraged by cybercriminals. | MALWARE | |
| 15.1.20 | | This malware uses an AutoIT packer, a scripting language leveraged by cybercriminals. | MALWARE | |
| 15.1.20 | | This BANKER variant is downloaded on the system by TROJ_BANLOAD.GB, a malware that targets Banco de Brasil users. | MALWARE | |
| 15.1.20 | | This BANLOAD variant checks the system for the presence of the G-buster Plugin, a plugin that prevents malicious code from running during a banking session. | MALWARE | |
| 15.1.20 | | This malware was found in January 2014 to be distributed as a key generator. Instead of generating keys, it downloads malware onto the affected system. | MALWARE | |
| 15.1.20 | | This malware is related to the fake Flash player scams that targeted users in Turkey. It is used to send the Facebook messages with the link to the video. | MALWARE | |