Malware Analysis Reports

Detailed analysis of how the malware works and how it can be removed.

Item Date

Kindsight Security Labs Malware Report – Q3 2013

The Kindsight Security Labs Q3 2013 Malware Report examines general trends for malware infections in home networks or infections in mobile devices and computers connected through mobile adapters. The data in this report is aggregated across the networks where Kindsight solutions are deployed.
11/12/2013

Kindsight Security Labs Malware Report – Q2 2013

The Kindsight Security Labs Q2 2013 Malware Report examines general trends for malware infections in home networks or infections in mobile devices and computers connected through mobile adapters. The data in this report is aggregated across the networks where Kindsight solutions are deployed.
07/23/2013

Q4 2012 Malware Report

This quarterly report shows general trends found in the fourth quarter of 2012 for malware infections in residential households or infections in mobile devices, including a small decline in home network infections and an increase in mobile network infections. This report highlights top security threats including ZeroAccess, TDSS, Alureon, AgentTK, the Zeus banking Trojan, and others.
02/12/2013

Q3 2012 Malware Report

This quarterly report shows general trends found in the third quarter of 2012 for malware infections in residential households or infections in mobile devices and computers connected through mobile adapters or tethered through a mobile device. This report highlights top security threats including ZeroAccess, TDSS/Alureon family (also known as TDL-4), ad-click fraud and mobile adware.
10/29/2012

Q2 2012 Malware Report

This quarterly report shows general trends found in the second quarter of 2012 for malware infections in residential households or infections in mobile devices and computers connected through mobile adapters or tethered through a mobile device. This report highlights top security threats including Flashback, ZeroAccess and DNSChanger.
07/19/2012

New C&C Protocol for ZeroAccess/Sirefef Botnet

This is an analysis of a new variation of the command and control protocol used by the ZeroAccess/Sirefef bot. The underlying structure and function of the bot remain the same, but the command and control (C&C) protocol has switched.
06/28/2012

Q1 2012 Malware Report

This quarterly report shows general trends found in the first quarter of 2012 for malware infections in residential households or infections in mobile devices and computers connected through mobile adapters or tethered through a mobile device. This report highlights top security threats including DNSChanger, ZeroAccess and Flashback.
05/09/2012

Encrypted p2p C&C for ZeroAccess/Sirefef Botnet

This is an analysis of an encrypted p2p command and control protocol used by malware identified as ZeroAccess, Sirefef, Vobfus and many other names. The scale of the infection is quite large. Since November we have seen p2p connections to over 500,000 different peers.
02/28/2012

Geinimi Trojan for AndroidOS

This malware has been identified as another variant of Geinimi, which has targeted a significant number of Android phone users since December 2010. The Trojan was originally distributed as a package named “com.geinimi”, but over time the variants took on a more advanced, obfuscated form.
11/18/2011

DroidDeluxe Trojan for AndroidOS

The DroidDeluxe Trojan attempts to root the phone without the user’s knowledge, changes file permissions to allow world-write access to some system files, and sends information about the phone to Google Analytics. Once the damage is done, the user will require root access to undo the access permission changes that were made.
10/31/2011