Our corporate news

9 min read Original article ↗

By continuing to use this website, you are consenting to Doctor Web’s use of cookies and other technologies related to the collection of visitor statistics.

Learn more

All news

Software developers are the target. New trojan attacks supply chains and inflicts multifaceted damage on infected PCs

A new trojan engaging in supply chain attacks has recently come under the scrutiny of our antivirus laboratory. The malware primarily targets C++ and C# project files. This malicious sample is particularly dangerous as its payload incorporates multiple damaging features, allowing it to steal data, access clipboard content, operate as a backdoor, engage in rogue mining. and also infect other files.

About viruses  |  Dr.Web products

Read

Doctor Web’s Q2 2026 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web Security Space for mobile devices,

Android.Banker

banking trojans were less active in the second quarter (Q2) of 2026—by 31.83%, compared to the first quarter (Q1). At the same time, they remained the most widespread Android malware: this family accounted for 23.28% of all malware detections. These trojans steal various confidential data, such as SMS containing one-time codes from credit organizations and logins and passwords for accessing online bank accounts, and they can also display phishing windows. As in the previous quarter, users were more likely to encounter the Android.Banker.Mamont subfamily, which includes various malicious apps.

Dr.Web products  |  Virus reviews

Read

Doctor Web’s Q2 2026 virus activity review

According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the second quarter (Q2) of 2026 was up by 5.72% from Q1. The number of unique threats increased by 95.32%. Ad-displaying programs and trojans, malicious crypto-miners, and trojans used to run other malware were most frequently discovered on protected devices.

Dr.Web products  |  Virus reviews

Read

The wait is over! Dr.Web CureIt! Pro has been released and is available free of charge for all users

Meet Dr.Web CureIt! Pro — the expanded version of our legendary curing utility. The utility is already operational, and right now you can access it free of charge.

Dr.Web products  |  Our promos

Read

Dr.Web CureIt! to become even more convenient. Announcement for the expanded Pro version

We analyzed feedback from our users and came to an important conclusion. At the critical moment when a PC is infected, complex settings aren't required — a fast, easy and reliable solution that launches and cures a system with a single click is needed.

Dr.Web products

Read

Android.MagicAd trojan displays ads despite all restrictions

Doctor Web’s experts have discovered Android.MagicAd, a trojan that bypasses Android OS restrictions in various ways to display background ads. One of these methods is universal, while the others are designed for devices from specific manufacturers. These include exploiting third-party software and using the system media player.

About viruses  |  Mobile threats  |  Dr.Web products  |  Dr.Web software updates

Read

Instead of a job—stolen data and money. Trojan stealer targeting macOS and Windows users conceals itself in fake online interview apps

Doctor Web’s experts are warning users about the spread of JobStealer, a trojan app that steals confidential information from macOS and Windows computer users. It primarily aims to hijack data from crypto wallets. Fraudsters, under the pretext of conducting online interviews, lure potential victims to malicious websites and ask them to download a video conferencing app. In reality, this software is the JobStealer trojan.

Read

Doctor Web’s Q1 2026 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web Security Space for mobile devices, the trojans

Android.MobiDash

and

Android.HiddenAds

, which display intrusive ads, continued to decline in activity in the first quarter (Q1) of 2026. Compared to the fourth quarter of last year, they were detected on protected devices 32.70% and 7.09% less often, respectively. They lost their lead to

Android.Banker

banking trojans, whose activity increased by more than 2.5 times over the course of the last three months. As a result, they have become the most widespread Android threats. Such malicious apps intercept SMS containing transaction confirmation codes coming from banks, display phishing windows, and can also imitate the appearance of real banking software to steal confidential data. Users were most likely to encounter trojans from the Android.Banker.Mamont subfamily, which includes a variety of malicious programs.

Dr.Web products  |  Virus reviews

Read

Doctor Web’s Q1 2026 virus activity review

According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the first quarter (Q1) of 2026 decreased by 6.77%, compared to the fourth quarter of last year. The number of unique threats decreased by 11.98%. Adware programs and ad-displaying trojans, malicious downloader apps, and backdoors were most commonly detected on protected devices.

Dr.Web products  |  Virus reviews

Read

Dr.Web for personal computers receives SKD AWARDS product excellence distinction

The comprehensive antivirus solution Dr.Web Security Space was once again given an SKD AWARDS industry honour. The antivirus was recognised as best product in the “Personal Computer Security” category. 

Dr.Web products  |  Corporate news

Read

Android.Phantom trojans are bundled with modded games and popular apps to infiltrate smartphones. They use machine learning and video broadcasts to engage in click fraud

Experts at the Doctor Web antivirus laboratory have discovered and investigated a new trojan clicker malware family. All of these trojans either are administered via the hxxps[:]//dllpgd[.]click server or get downloaded and launched after the corresponding instruction is received from the remote host. Malware belonging to this family infects Android smartphones.

Real-time threat watch

Read

Doctor Web’s review of virus activity on mobile devices in 2025

In 2025, Android device users were most likely to encounter ad-displaying trojans and fake apps used for fraudulent purposes.

Dr.Web products  |  Virus reviews

Read

Doctor Web’s virus activity review for 2025

In 2025, trojans designed to display ads were one of the most active threats. Users also encountered various malicious scripts and trojan programs that launch other malware in infected systems. In email traffic, trojan downloaders, backdoors, exploits, malicious scripts, and phishing documents were most commonly detected.

Dr.Web products  |  Virus reviews

Read

Doctor Web’s Q4 2025 review of virus activity on mobile devices

According to detection statistics collected by Dr.Web Security Space for mobile devices, the trojans

Android.MobiDash

and

Android.HiddenAds

, which display intrusive ads, were again the most widespread Android threats. At the same time, their activity decreased, and they were detected less frequently on protected devices by 43.24% and 18.06%, respectively. These malicious programs were followed by trojans from the Android.Siggen family, which includes malware whose functionality varies. They were also detected less often—by 27.47%.

Read

Doctor Web’s Q4 2025 virus activity review

According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the fourth quarter of 2025 increased by 16.05%, compared to the third quarter. The number of unique threats decreased by 1.13%. Most common were unwanted adware apps, malicious scripts, and various malicious programs, including downloaders and ad-displaying trojans.

Dr.Web products  |  Virus reviews

Read

We’ve updated Dr.Web FixIt!’s End User License Agreement!

Dr.Web products  |  Dr.Web software updates

Read

A major centralised administration server update for Dr.Web Enterprise Security Suite and Dr.Web Industrial

Doctor Web is rolling out a major server component update for Dr.Web Enterprise Security Suite and Dr.Web Industrial 13.0.1.202511120 that will become available on December 15, 2025. The biggest change being introduced is for the Application Control component to further improve the security of protected devices.

Dr.Web products  |  Dr.Web software updates

Read

Bellerophon could never have imagined. The ChimeraWire trojan boosts website popularity by skillfully pretending to be human

While analyzing one of the affiliate programs, Doctor Web’s experts discovered a unique piece of malware with clicker functionality and dubbed it Trojan.ChimeraWire. This malware targets computers running Microsoft Windows and is based on the open-source projects zlsgo and Rod for automated website and web application management.

Dr.Web products  |  Real-time threat watch

Read

Dr.Web CureIt! can now see what malware is trying to hide

Doctor Web has updated its free utility Dr.Web CureIt! to introduce a unique feature—the ability to scan files and folders that virus makers add to antivirus exclusions lists.  This is a major step in tackling more sophisticated threats that seek to disable information security software to ensure they operate unhindered in the system.

Dr.Web products  |  Dr.Web software updates

Read

Protect your loved ones from phone scams with the new Anti-scam feature

Dr.Web Family Security—a mobile app that helps you keep your children and adult family members safe in the digital world—has been enhanced to include the Anti-scam feature, providing even more reliable protection from phone scams and blackmail. 

Dr.Web products

Read

Dr.Web Enterprise Security Suite and Dr.Web Industrial centralized management servers have been updated

A new update for Dr.Web Enterprise Security Suite and Dr.Web Industrial servers has been released. The new version delivers stability improvements and new tools for centrally managing actions when threats are detected on Android devices. To gain all of the new benefits and for correct system operation, users are recommended to update their servers to the latest version.

Dr.Web products  |  Dr.Web software updates

Read

Updated version of Dr.Web for mobile devices comes with a smart security system

Updated antivirus products for protecting Android-based smartphones, tablets and other mobile devices have been released. The main improvements concern the automation of the protection and operational stability.

Dr.Web products  |  Dr.Web software updates

Read

Cavalry Werewolf hacker group attacks Russian state institutions

In July 2025, Doctor Web was contacted by a client from a government-owned organization within the Russian Federation with suspicions that its internal network had been compromised. This hypothesis derived from the fact that spam emails were detected as coming from one of their corporate email addresses. An investigation into the incident, conducted by our anti-virus laboratory, revealed that the institution had been subjected to a targeted attack by a hacker group, which our experts identified as Cavalry Werewolf. One of the attack’s goals was to collect confidential information as well as network configuration data.

Real-time threat watch

Read

Dr.Web solutions support all versions of Windows, starting with Windows XP

Dr.Web products  |  Corporate news  |  Dr.Web software updates

Read

Understanding the ClickFix attack

Real-time threat watch

Read