TMCnet News
November 2018's Most Wanted Malware: the Thanksgiving Day Botnet Emerges

Check Point’s latest Global Threat Index reveals the Emotet botnet rising up the top malware list in November as a result of multiple campaigns; Coinhive remains at top position for 12th consecutive month

SAN CARLOS, Calif., Dec. 11, 2018 (GLOBE NEWSWIRE) -- Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber-security solutions globally, has published its latest Global Threat Index for November 2018. The index reveals that the Emotet botnet has entered the Index’s top 10 ranking after researchers saw it spread through several campaigns, including a Thanksgiving-themed campaign. This involved sending malspam emails in the guise of Thanksgiving cards, containing email subjects such as happy “Thanksgiving day wishes”, “Thanksgiving wishes” and “the Thanksgiving day congratulation!” These emails contained malicious attachments, often with file names related to Thanksgiving, to spread the botnet and deploy other malware and malicious campaigns. As a result, the Emotet botnet’s global impact has increased 25% compared to October 2018.

Meanwhile, November was the first anniversary of the Coinhive cryptominer leading the Global Threat Index, which it has done since December 2017. During the past 12 months, Coinhive alone impacted 24% of organizations worldwide, while cryptomining malware had an overall global impact of 38%.

“This month, we have seen a significant increase in efforts to spread the Emotet botnet that have used seasonal messages to encourage clicks,” said Maya Horowitz, Director, Threat Intelligence and Research at Check Point. “Individuals and businesses expect to receive seasonal messages. These have been leveraged to spread the Emotet botnet, as part of the malware’s social engineering methods to lure potential victims into opening malicious emails. Given this capability, along with its persistence and use of evasion techniques to avoid detection, Emotet appears to have had a successful month.”

While Coinhive remains popular, having remained the most prolific malware aimed at organizations for a year, there has been an increase in malware that can be used to deploy additional payloads to infected machines. These forms can maximise returns for attackers due to their multipurpose nature.

November 2018’s Top 3 ‘Most Wanted’:

Triada, the modular backdoor for Android, has retained first place in the top mobile malware list. Hiddad has climbed to second place, replacing Android banking Trojan and info-stealer Lokibot, which has fallen to third place.

November’s Top 3 ‘Most Wanted’ mobile malware:

Check Point researchers also analyzed the most exploited cyber vulnerabilities. Once again, CVE-2017-7269 remains in first place of the top exploited vulnerabilities list, with a global impact of 48% of organizations. OpenSSL TLS DTLS Heartbeat Information Disclosure keeps its second place with a global impact of 44%. CVE-2016-6309, a vulnerability in the tls_get_message_body function of OpenSSL, is in third place, impacting 42% of organizations.

November’s Top 3 ‘Most Exploited’ vulnerabilities:

Check Point’s Global Threat Impact Index and its ThreatCloud Map are powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime, which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.

* The complete list of the top 10 malware families in November can be found on the Check Point Blog: http://blog.checkpoint.com/2018/12/11/november-2018s-most-wanted-malware-the-rise-of-the-thanksgiving-day-botnet/

Check Point’s Threat Prevention Resources are available at: http://www.checkpoint.com/threat-prevention-resources/index.html

About Check Point Software Technologies Ltd.