January 2021’s Most Wanted Malware 149 0 Kommentare Emotet Continues Reign as Top Malware Threat Despite Takedown - Seite 2

Top malware families
*The arrows relate to the change in rank compared to the previous month

This Month, Emotet remains the most popular malware with a global impact of 6% of organizations, closely followed by Phorpiex and Trickbot – which impacted 4% of organizations worldwide, each.

Emotet – Emotet is an advanced, self-propagating and modular Trojan. Emotet was once a banking Trojan, and recently has been used as a distributor of other malware or malicious campaigns. It uses multiple methods for maintaining persistence and evasion techniques to avoid detection. In addition, it can be spread through phishing spam emails containing malicious attachments or links.
↑ Phorpiex – Phorpiex is a botnet known for distributing other malware families via spam campaigns as well as fueling large scale Sextortion campaigns.
↓ Trickbot – Trickbot is a dominant banking Trojan constantly being updated with new capabilities, features and distribution vectors. This enables Trickbot to be a flexible and customizable malware that can be distributed as part of multi purposed campaigns.

Top exploited vulnerabilities

This month “MVPower DVR Remote Code Execution” is the most common exploited vulnerability, impacting 43% of organizations globally, followed by “HTTP Headers Remote Code Execution (CVE-2020-13756)” which impact 42% of organizations worldwide. “Dasan GPON Router Authentication Bypass (CVE-2018-10561)” is third place in the top exploited vulnerabilities list, with a global impact of 41%.

MVPower DVR Remote Code Execution – a remote code execution vulnerability which exists in MVPower DVR devices. A remote attacker can exploit this weakness to execute arbitrary code in the affected router via a crafted request.
HTTP Headers Remote Code Execution (CVE-2020-13756) – HTTP headers let the client and the server pass additional information with an HTTP request. A remote attacker may use a vulnerable HTTP Header to run arbitrary code on the victim machine.
↑ Dasan GPON Router Authentication Bypass (CVE-2018-10561) – An authentication bypass vulnerability that exists in Dasan GPON routers. Successful exploitation of this vulnerability allows remote attackers to obtain sensitive information and gain unauthorized access into the affected system.

Top mobile malwares

This month, Hiddad holds 1^st place in the most prevalent mobile malware, followed by xHelper and Triada.

Hiddad – Hiddad is an Android malware which repackages legitimate apps and then releases them to a third-party store. Its main function is to display ads, but it can also gain access to key security details built into the OS.
xHelper – A malicious application seen in the wild since March 2019, used for downloading other malicious apps and display advertisement. The application is capable of hiding itself from the user and reinstall itself in case it was uninstalled.
Triada – Modular Backdoor for Android which grants superuser privileges to downloaded malware.

Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database inspects over 3 billion websites and 600 million files daily, and identifies more than 250 million malware activities every day.

Seite 2 von 3

◄ Seite 1 Seite 3 ►