Doctor Web’s Q1 2025 virus activity review

Dr.Web’s Q1 2025 report describes an uptick in detected malicious activity: overall threat detections rose while unique threat variants fell, indicating repeated reuse of malware families. The report highlights prevalent malicious scripts, ad-displaying trojans and adware, trojan droppers/downloaders, several Trojan.Encoder ransomware families, a Monero mining campaign that used steganography to hide payloads, a surge of phishing sites targeting Telegram accounts and other fraud portals, and increased Android-targeting adware and banking trojans including numerous malicious apps found on Google Play.