Basic PC protection. We are testing the Ukrainian antivirus Zillya! Interface and virus database

Zillya! Antivirus is the brainchild of developers from Ukraine who proudly call themselves the Ukrainian anti-virus laboratory. Zillya! products follow the modern trend of distributing security software as a free antivirus with basic functionality alongside paid packages that add extra features for ordinary users and the business sector. In this article we look in detail at the laboratory's free product, Zillya! Antivirus for Windows.

Review of free antivirus Zillya! Antivirus

Zillya! Antivirus is an antivirus with a pleasant interface that is undemanding of system resources and offers heuristic scanning, proactive protection, a filter for checking connected USB devices, an email filter and other capabilities.

1. Download and installation

Zillya! Antivirus can be installed even on very old PCs and low-power netbooks. Its system requirements are very modest by modern standards:

  • Processor – 800 MHz;
  • RAM – 256 MB;
  • Disk space – 80 MB;
  • Windows version – XP and later.

To download Zillya! Antivirus go to its official website using the link:

http://zillya.ua/ru

At the beginning of the installation, you will be offered a choice of two languages – Russian and Ukrainian.

The Zillya! Antivirus installation process is standard.

2. Interface and main tab

What sets Zillya! Antivirus apart from other antivirus products on the security software market is its simple yet stylish and usable interface, which is adapted for touch-screen devices through large controls. Large labels at the top of the window lead to the different sections of the antivirus, and the center of the main tab shows a computer status indicator. The main window is customizable.

When the "More details" button is pressed, the computer status indicator turns into a tile and makes room for other tiles for individual antivirus functions, including buttons for starting a manual update and a computer scan, as well as an active threats widget.

3. Proactive protection "Watchman"

The message "Protection OK" means that Zillya! Antivirus is running with proactive (real-time) protection enabled and that the user is protected from active threats. The proactive protection of Zillya! Antivirus is called "Watchman"; if necessary, it can be temporarily disabled and then re-enabled using the corresponding options in the context menu of the antivirus icon in the system tray.

In some cases, Zillya! Antivirus can be not only deprived of proactive protection but even turned off completely. Unlike with other antiviruses, this is done very simply, without jumping through hoops: through the same context menu on the system tray icon. When you turn Zillya! Antivirus off, it offers to turn itself back on automatically after a certain time.

4. Updating anti-virus databases

Zillya! Antivirus updates automatically, but if necessary the antivirus databases can be updated manually in the "Update" tab. The creators took the freshness of the antivirus databases so seriously that most of the "Update" tab is given over to a counter of the time since the last update.

5. Scan

The scanning functionality of Zillya! Antivirus is the traditional set: a quick scan of boot sectors, a full scan of the entire computer, and a custom scan.

Custom scanning will allow you to specify only individual disk partitions or folders with files for scanning.

During the computer scanning process, we will see a report on the work already done - scanning time, detected and neutralized threats.

All threats detected during the scanning process will be quarantined, unless otherwise specified by the user in the settings.

6. Quarantine

Threats blocked by proactive protection and during scanning are sent to quarantine. The "Threats" tab shows two separate stores: the active threats repository, which holds threats the antivirus has not yet processed, and the quarantine, where already processed threats are isolated. Objects from the "Active Threats" section can be moved to quarantine manually by the user.

Detected threats can be removed from quarantine one by one, after carefully studying the background information for each object, or the quarantine can be cleared in one click, getting rid of all isolated threats at once.

The latter, by the way, is not recommended, since the developers of Zillya! Antivirus themselves do not deny that their brainchild produces many false positives. Moreover, they invite their users to cooperate on this. On the developers' website at the link:

http://zillya.ua/ru/support/av_zis/s_choice/ru

Using a special contact form there, you can send them for analysis any files that you believe Zillya! Antivirus flagged as a false positive.

7. Recovering files and adding to exceptions

Zillya! Antivirus is vigilant on duty and brutal towards threats. It would be fine if it mercilessly quarantined only various activators, keygens and patches, but during our testing it took a dislike to a quite harmless program for creating portable software, which we previously reviewed on this site. Zillya! Antivirus labelled both the program itself and the portable programs created with it as Trojan downloaders and quarantined them all.

You can restore any file for which the antivirus made a false positive by adding this file directly to the exceptions in the quarantine section. To do this, click the object, press the button "Another Action", then select "Exceptions".

Once added to the exceptions, the object is automatically restored and becomes exempt from proactive protection and computer scanning. Objects added to exceptions are listed in the "Threats" tab, in the "Exceptions" section. Any object can be removed from this list at any time, and any file or folder can be added to it so that it is likewise exempt and is not blocked by proactive protection or during scanning.

8. Settings

In the "Settings" tab, Zillya! Antivirus initially offers little that can be customized: just the various protection and alert modes.

By default, the antivirus is set to the optimal protection mode, in which the security filters for checking connected USB devices and mail, as well as the scanning of archives, are disabled. The economical protection mode additionally skips boot sector checks. The maximum protection level enables all functions available in the free version.

The recommended alert mode, set by default, means that Zillya! Antivirus notifications appear in the system tray only for important issues. The quiet alert mode does not disturb the user even for important issues. The detailed alert mode reports every step in a pop-up window in the system tray.

And the dialog alert mode will offer the user a choice of actions if a threat is detected.

In return for free use, Zillya! Antivirus asks for little: a simple registration when you first access the advanced settings. To do this, press the "Customize yourself" button and press "OK" in the dialog box notifying you that the copy of the antivirus needs to be registered.

After that, click "Register for free".

After registration, we will have access to advanced settings, where we can configure the scan scheduler, automatic action when threats are detected, the alert system, the operation of individual modules, the procedure for updating anti-virus databases, etc.

9. Efficiency

As long as new malware continues to appear, no product on the security software market will be 100% effective. And since the struggle between good and evil, in its various interpretations, is as old as time and clearly nowhere near its end, we will judge the effectiveness of Zillya! Antivirus by comparison with another antivirus that is a kind of standard on the security software market. According to the results of independent tests on the Internet, Zillya! Antivirus beats Kaspersky both in the number of threats found and in scanning speed. With the EICAR-Test-File, a test file for checking the performance of anti-virus products, from the same Kaspersky Lab, Zillya! Antivirus did a flawless job and quarantined it with lightning speed.

10. Paid Zillya! products

Beyond the free antivirus, the Zillya! developers offer the average user a paid software package, Zillya! Internet Security. There is no particular need for it: it will not improve the computer's protection, and we would be paying for features that can be had from standard Windows functionality, free browser extensions and third-party programs. These are features such as parental controls, a web filter, a file shredder, a system optimizer, a task manager and a startup manager. The paid package for the business segment, however, can offer functions relevant to large enterprises: remote control of the antivirus client components.

11. Zillya! antivirus utility

Serious antivirus vendors often offer, in addition to their main products installed in the operating system, portable antivirus utilities. These do not conflict with the antivirus software installed on the system, and ideally they should be run periodically alongside any security software, even paid products. A utility from another developer scans using different scanning methods and different anti-virus databases. The portable antivirus utility from the Ukrainian antivirus laboratory is called Zillya! Scanner. It can be downloaded for free from the official website using this link:

http://zillya.ua/ru/zillya-ckaner

We launch the utility with administrator rights.

The utility's capabilities are represented by a traditional scanning set - quick (Quick scan), full (Full scan) and custom (Custom scan).

Antivirus protects your PC from viruses, spyware, Trojans and other malicious programs.

Data protection against all types of malicious software is built on an up-to-date virus database containing over 15 million malware signatures and an advanced proactive protection module.

This module is the core of the entire security system on which the Zillya! Internet Security product is based. A distinctive feature of the module is a modern virus signature database that is updated every day. These updates overload neither the server nor the local PC, because the database is optimized. Working with it therefore does not affect the computer's performance and does not cause the PC to hang or slow down.

The utilities will not overload your PC, because the antivirus consumes no more than 512 MB of the PC's RAM.

It should be noted that this level of consumption is acceptable not only for modern personal computers but also for those manufactured 3-5 years ago. While running, Zillya! Anti-Virus neither blocks nor slows down even the most modest computers.

The main rule of Zillya! is "Anti-virus protection is, above all, high-quality service". Successful tech support is based on in-depth knowledge of the products and the desire to "listen" to the user and to present information at a level the user understands. The secret of success is in the desire; the ability will follow.

The desire to understand the user and to help him or her is one of the tenets of successful technical support.

Recommendations from a highly qualified specialist, delivered in "cool" slang, may be "empty words" for the client, whereas help provided in simple terms is a recipe for solving the user's problems and the key to professionalism in the eyes of the user.

The Zillya! Antivirus Lab releases daily antivirus database updates, which contain protection from thousands of new threats.

To assure the user that an attacker will not steal important data or other valuable information from the PC, the development team constantly analyzes threats and offers new solutions for detecting the maximum number of viruses. Currently, the anti-virus database of Zillya! Antivirus has more than 15 million records.

Products of the new line have received innovative proactive technologies. One of the most important modules in the whole range of Zillya! antiviruses is the so-called behavioral analyzer (HIPS).

This unique technology is the most advanced solution implemented in the world's anti-virus industry. It works by scanning and analyzing programs to determine the likelihood of malicious behavior. If HIPS notices that a program performs actions that could potentially harm your PC, the program will be blocked even before its launch.

The new line of Zillya! antiviruses has a self-defense function.

It prevents the protection of your PC from being disabled by a forced stop through the "Task Manager". This feature was implemented as a response to modern Trojans that are able to get administrative rights on the infected PC and block the work of installed programs, including outdated antiviruses.

Blocking of dangerous sites

The heuristic analyzer scans files for characteristics similar to those of known malware. When a certain number of such similarities is found in a file, it decides that the program resembles a malicious one.

Thus, Zillya! Antivirus can detect malware that has not yet been added to the antivirus database.

Zillya! Antivirus has a built-in heuristic analyzer and helps to protect the system even from threats that have not yet appeared but may appear in the future.

The USB drive security module controls the connection of any drive to the USB ports. A preliminary analysis, followed by a notification to the user, reliably protects the computer from objects on the drive that start automatically. Zillya! will thus protect you from the automatic start of a virus or worm from a flash drive, even if it is a completely new, unknown virus.

When a new USB drive is connected, Zillya! detects it, performs a brief analysis and informs the user about the assessed security level of the drive. If viruses or any suspicious objects are detected on the flash drive, the antivirus immediately prompts the user to remove them.

We are testing the Ukrainian antivirus Zillya!

These days the Ukrainian antivirus Zillya! keeps popping up, now in one place, now in another.

The first time I tested it on a virtual machine, it showed simply disgusting results. It saw few viruses and offered to quarantine some system files. I even agreed with it, knowing that Windows would not boot after this, or at best the desktop would not be shown, because it suggested sending explorer.exe to quarantine. But everything turned out to be simpler: the antivirus was then unable to send the infected file to quarantine.

Time passed, the antivirus began to appear more and more often, and a short interview with company representatives came out. It's time to see what has changed in the antivirus and how suitable it is for protecting a home computer. Or maybe it has long been time to suggest installing Zillya! to a neighbor or acquaintance you have disliked for a while. Let's see.

Initial data.

Advantages of Ukrainian Zillya! Antivirus

- Free, reliable, efficient

- Detects any threat

- Multi-level system of protection against spyware and adware

- Unique technologies for recognizing new and unknown threats (heuristic analysis)

- Instant blocking of unsafe files that can reach your computer through email messages or Internet connections

- Ability to install Zillya! Antivirus on infected computers

- Intelligent mechanism for selecting the optimal action against the identified threat

- Ukrainian support

Installation was performed on a virtual machine running Windows XP with SP 3. A small collection of previously caught viruses had been run on the machine, and it was not disconnected from the Internet, i.e. the viruses could easily download more and update themselves. This was done deliberately to be as close as possible to a real situation, in which neither the location nor the number of viruses on the machine is known.

This virtual OS is infected specifically for the purpose of using antivirus software.

The desktop looks like this:

Installing an antivirus.

What can we say, the antivirus itself is installed from the Internet, and when using a proxy server, you may need to enter the proxy data manually.

On the downside, if your computer is seriously affected and there is no access to the Internet, then this antivirus is not for you. It will be impossible to update or install it.

On the plus side, on an OS with a bunch of viruses that were already fighting among themselves, Zillya! installed normally, fulfilling the promises written on the site; but given that the viruses know nothing about this antivirus, this was to be expected.

Launch the scanner and select objects to scan.

The antivirus was installed, I did a reboot just in case. The antivirus itself did not require it, which makes you wonder how deeply the antivirus is built into the OS and whether it will be able to catch anything from complex viruses that hide from detection.

After a reboot, file monitoring did not start. Well, it didn’t start automatically, so let’s launch the antivirus manually. At the same time, the antivirus icon lit up in the corner, and the window of either the scanner or the control center appeared.

Aha, I think. Now I'll tell it to check the necessary folders, and I'll go to lunch. But the joy did not last long. Custom scanning cannot be performed on several folders and drives at once. Only one directory at a time.

As you can see in the figure, putting a check mark next to the required folders is not possible. You also cannot select multiple elements using the Ctrl key. It may not be a small nuisance, but it is there. Okay, I'll run a full check.

A short wait and here is the result. 157 viruses found. True, a quick review showed that no viruses were found that were hiding from detection. Maybe this is so only at first glance?

Treatment.

So the scanning process is completed, there are viruses detected. Now I’ll choose what I need to treat, go to manual actions, select an operation on one archive, such as ignore it, and click apply.

After a short treatment, I was already thinking of breathing more freely: the antivirus had dealt with what it found. But no.

Okay, I didn’t delete some of it, maybe it will delete it after a reboot. And just in case, I look at the scan results.

Oops, for some reason there are viruses marked "ignored".

I wonder what happened to the antivirus. I decided to repeat the search and treatment without manual operations. Maybe it will help.

While searching for a second time and finding viruses, I notice a false positive for the archive. In general, there are Delphi programs and some of them often cause false positives of various antiviruses. But something else is interesting here. Having written that a virus was found in the archive, the antivirus did not indicate the most interesting thing: did it catch the virus in the contents of the archive or was the archive as a file mistaken for a virus? Uninformative, but not fatal in most cases.

Okay, the second scan is completed, 39 viruses were found. All actions are by default and click the apply button.

Just like the first time, the window came up: it managed to remove everything at lightning speed. And again I look at the results of the treatment.

It must be admitted that it is disappointing, but at the same time we found out that the omission in the treatment in the past was most likely caused by a program error, possibly by incorrect behavior of the area responsible for manually selecting the type of treatment. Okay now for one more vital check. Will the disinfected OS be able to boot?

Judging by the screenshot, it couldn't. The antivirus cured Windows to a pulp. Remembering a little of all my relatives, I download smokes from the Internet and see what is left alive from the viruses. I don’t want to figure out why Windows is crippled; most likely the problem is that the registry files were not corrected during deletion.

Finish

At the finish line, I check how thoroughly Zillya! coped with the scanning, and where and what it missed. To do this, I used a utility from Dr.Web - CureIt!. Omissions by the tested antivirus were found immediately.

I’ll also add that Zillya! does not scan files in the directory where Windows restore points are saved. This is a significant disadvantage for an antivirus. CureIt! found several hundred virus files in the restore points!!!

Conclusions

What can be said in conclusions? At first, it’s probably easier to list the pros and cons of this solution in comparison with my previous test of this antivirus and in relation to other antiviruses.

Pros

Scanning has improved

The databases have grown noticeably

The treatment method is chosen more correctly.

— the antivirus still does not have sufficiently low-level access to files. Perhaps it does not have a sufficiently tenacious resident module (I did not set out to test it).

- installation only from the Internet

— in the last test I mentioned problems with viruses like ntos.exe and the like, and this time the problem remained. Apparently, the Ukrainian antivirus is not yet able to pick out such files and detect them in the system. Although presented on a silver platter in the catalog, it was successfully caught.

— Windows malfunction after treatment.

— in my case, the resident module did not load when starting Windows.

- errors in the program

As a result, we have a product that, after significant modification, can become quite competitive.

At the moment, Zillya! detected and quarantined or removed almost all viruses on the test machine. It missed just a few and finished off the long-suffering Windows :)

After modification, and it seems significant modification, a good product may turn out. It is already clear that since last time there have been changes for the better. When a new version is released, we'll see, but for now it's better to offer it to your enemies. What do you think?

P.S. Please don't blame me too much for mistakes.



Zillya! is a free antivirus that offers protection against any type of threat: viruses, worms, Trojans, rootkits and other malware whose activity leads to incorrect system operation and to data loss or corruption. Zillya! also detects spyware and adware and effectively blocks and deletes them, thereby protecting the user from aggressive advertising and from unauthorized access to personal information.

Antivirus Zillya! has three scanning modes (quick, full and custom), as well as the ability to run scans on a schedule at a time convenient for the user. Each mode runs with parameters suited to its purpose. Quick scan is an express check of the most vulnerable areas of the system. Full scan is a thorough check of the system. Custom scan is a scan based on user settings.

Main characteristics of Zillya!:

— Effective protection against any type of threat.
— Selection of scanning modes and scheduled scanning.
— Built-in heuristic analysis algorithm.
— Detects spyware and adware of a malicious nature.
— Scans mail messages (incoming and outgoing) and files attached to them.
— Scans documents before opening them.
— Scans files downloaded from the Internet.
— Check in real time.
— Check with user settings.

Which antivirus program to choose, and whether to bother with illegal software or overpay for official products, are questions asked by both ordinary Ukrainians and company representatives. The site learned from information security experts what you should pay attention to when choosing an antivirus.

They refuse Russian

It is worth noting that the share of Ukrainian software in the segment is still very small. Products from Russian developers that were once quite widespread in our corporate environment have lost their position. As a result, the demand for Western programs increased.

“If we talk about ordinary users, the situation here is different, although this audience is gradually being “cleared” of Russian antiviruses. The corporate sector and government agencies, having changed their consumer preferences, contributed to the further growth of the share of Western antivirus software in our market,” said senior consulting engineer at IT-Integrator company Pavel Zolotarenko.

The corporate segment most often prefers security programs from ESET, Symantec, McAfee and Trend Micro. Ordinary Ukrainians install ESET, AVIRA, Symantec, Bitdefender, AVAST, etc.

At the same time, the share of Ukrainian software is only about 0.5%, Russian - 1%, and Western - 98.5%.
However, some organizations continue to use Russian programs, either out of habit or due to dumping prices.

“As for domestic developers, they can still claim only a small part of state-owned enterprises and home users. Commercial organizations do not consider domestic products at all due to insufficient technical base,” said Miroslav Bondar, head of the information security solutions department of the BAKOTEK Group of Companies.

Kaspersky holds on

It is worth noting that in the public sector, vendor shares in information software sales have changed due to the imposition of sanctions against some manufacturers.

“The political situation has influenced the choice of both the average user and companies - hence the decrease in demand for Russian software. Buyers are considering a “Western” alternative,” Anna Bodnarchuk, director of the licensed software supermarket "Softkey-Ukraine", told us.

As for one of the major players in the market, Kaspersky Lab, whose headquarters is located in Moscow, being an international company registered in the UK, it continues to ensure the information security of Ukrainian citizens and companies, although this has not been without difficulties.

“In 2015, as a result of inspections carried out by the State Service for Special Communications and Information Protection of Ukraine, the corporate solution Kaspersky Endpoint Security 10 for Windows, produced by Kaspersky Lab UK Ltd., received a certificate of compliance with government regulations; in addition, the home-user solution Kaspersky Internet Security for all devices has also been certified. This means that our products meet quality standards and have no undeclared capabilities or hidden program code. Our solutions can be used by a wide range of organizations and individuals. We continue to provide information security in Ukraine and try to pay more attention to our partners and clients,” said Dragan Martinovic, managing director of Kaspersky Lab in Eastern Europe.

How much does antivirus cost?

As for the cost of security software, prices have remained virtually unchanged over the past 2 years, but before that, due to a jump in currencies, they rose sharply.

“Antiviruses have risen in price by 1.9 times for the home and 2.4 times for companies, respectively. The cheapest Western program for the home will now cost 347 UAH for one PC per year, and 795 UAH for a company for five computers per year,” Victoria Shivarova, supply manager at MT-Soft, noted in a conversation with us.

On average, an antivirus for the home today costs about 695 UAH for two PCs. For corporate clients with 25 or more users, the figure is about 575 UAH per PC. As the number of PCs increases, the unit price decreases accordingly.

For example, the basic antivirus Kaspersky Antivirus 2016 for two devices costs 686 UAH per year. If you choose the flagship solution Kaspersky Internet Security with additional features such as "Safe Payments", "Parental Controls", "Anti-thief", etc., then a license for two devices for one year will cost 980 UAH. The cost of solutions for small businesses starts from 5040 UAH, which is the recommended price for protecting five devices and one server per year.

At the same time, vendors have several approaches to creating prices:

  • Some offer prices in hryvnia without reference to exchange rates. Some had only one minor price increase. For example, DrWeb. For others, for example, ESET, the price increase took place in several stages.
  • Others work at a commercial rate. These are, in particular, Symantec, TrendMicro and other Western developers.
  • The third group pegs its prices to the commercial exchange rate, but makes special discounts. For example, Kaspersky Lab provided a 30% discount on b2c products for the local market.

Manufacturers also take into account the situation in local markets and seasonal demand, so they periodically announce promotions for consumers with discounts of 10-30%.

What do people need

For home users, not only a reasonable product price is important, but also a high level of service.
Companies, in order to save money, are increasingly purchasing software through a subscription, which allows them to make smaller payments once a year or monthly.

“At the same time, many are trying not to “save on matches” and are looking for other ways to optimize, so they have taken a course towards automating business processes, introducing CRM systems to retain customers and improve service. There is a growing trend in demand for total information protection and removal of all data to the cloud,” says Anna Bodnarchuk.

Antivirus software today has ceased to be just an antivirus as such. Solutions are actively developing towards integration. Developers add such features as firewalls, anti-phishing components and much more to the usual software.

“Customers have become more interested in solutions that either complement or completely replace the classic antivirus engine,” says Miroslav Bondar.

In fact, now customers who are competent in this matter ask “what do you have besides antivirus?” As a result, the demand for the following solutions is increasing:

  • The so-called "sandboxes", i.e. complexes that perform static and dynamic analysis of files.
  • The so-called “white list” mechanism, i.e. solutions that allow you to run a limited list of applications.
  • Modules that monitor the behavior of running processes.

Pirate traditions

At the same time, despite the fact that legal software continues to spread, gradually displacing pirated analogues, our market has not yet managed to overcome the “dullness”. The share of pirated security software in our country is not getting smaller.

According to a study by the international association BSA, in 2015, 82% of software installed on Ukrainian computers was unlicensed. And compared to 2013, the share of pirated software decreased by only 1%.

Hackers never sleep

At the same time, the avalanche of various ransomware on the one hand, and targeted attacks using phishing (a type of Internet fraud through sending fake letters) and elements of social engineering on the other, have become the trends that force organizations to strengthen the protection of their systems.

The paradox of the situation is that over the past year we have noted a sharp increase in the number of samples that use primitive mechanisms to infect the system. In fact, it all comes down to activating the bait and then loading the main module (payload).

However, thanks to social engineering techniques, latency of signatures and high variability of baits, these samples successfully fulfill their task (extortion, espionage, disabling systems).

“The stable monetization of cybercriminals is spurring the malware market towards active development. This, in turn, is reflected in the number of new virus samples,” noted Miroslav Bondar.

At the same time, we can say with confidence that we cannot expect a decline in the activity of cybercriminals. At the end of 2015, Kaspersky Lab experts noted that this year in the business environment, an increase in the number of attacks on financial organizations, financial fraud on stock exchanges, as well as attacks on infrastructure and the use of IT vulnerabilities to penetrate corporate networks is predicted. Many of these predictions have already begun to come true.

Since the beginning of the year, information security experts have noted an increase in the activity of the BlackEnergy group in Ukraine. Since 2014, it has carried out attacks on energy companies and industrial control systems around the world using plugins aimed at SCADA systems.

Kaspersky Lab experts concluded that the group is particularly interested in targets in our country, including Ukrainian government agencies and media, which initially suffered from targeted attacks using DDoS tools.

By the way, at the beginning of the year, Ukraine entered the top five in terms of the number of DDoS targets; its share rose from an insignificant 0.5% at the end of 2015 to 1.9% in the first quarter of 2016.

BlackEnergy later expanded its arsenal and carried out a number of geopolitical operations, including attacks on several critical infrastructure facilities in Ukraine. Last year, the group actively distributed phishing emails with malicious Excel attachments that infected computers through macros, and in January 2016, Kaspersky Lab first discovered that malicious Word attachments were also used for these purposes.

“This once again proves that it is often a person who is the weak link in the information security system of any company, so a large organization should have specialists with sufficiently deep knowledge in the field of antimalware research,” Dragan Martinovic noted in a conversation with the site.