The Latest Check Point News
Product and Solution Information, Press Releases, Announcements
October 2018’s Most Wanted Malware: For The First Time, Remote Access Trojan Reaches Global Threat Index’s Top 10 | |
Posted: Mon Nov 12, 2018 09:43:21 AM | |
Check Point’s latest Global Threat Index reveals RATs gaining prominence, while cryptomining malware continues to dominate rankings SAN CARLOS, CA — Mon, 12 Nov 2018 Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber-security solutions globally, has published its latest Global Threat Index for October 2018. The Index reveals that while cryptomining malware continues to dominate the rankings, a remote access Trojan has reached the top ten’s list for the first time. During the month of October, Check Point researchers discovered a widespread malware campaign spreading a remote access trojan (dubbed “FlawedAmmy”) that allows attackers to take over victims’ computers and data. The campaign was the latest and most widespread delivering the ‘FlawedAmmyy’ RAT, following a number of campaigns that have spread this malware in recent months. The Trojan allows attackers to gain full access to the machine’s camera and microphone, collect screen grabs, steal credentials and sensitive files, and intrusively monitor the victims’ actions. As a result, FlawedAmmy is the first RAT to enter the Global Threat Index’s top 10 ranking. Meanwhile, cryptomining malware continues to lead the Index, with Coinhive the most prevalent malware with a global impact of 18%, while Cryptoloot has risen to second on the list impacting 8% of organizations worldwide. “This month, we have seen a RAT enter the top ten for the first time,” said Maya Horowitz, Threat Intelligence Group Manager at Check Point. “While we have detected several campaigns distributing the FlawedAmmyy RAT in recent months, the latest campaign was easily the largest in terms of its widespread impact. While cryptominers remain the dominant threat, this may indicate that data such as login credentials, sensitive files, banking and payment information haven’t lost their lucrative appeal to cybercriminals.” October 2018’s Top 3 ‘Most Wanted’: *The arrows relate to the change in rank compared to the previous month.
This month, Triada, the modular backdoor for Android has climbed to first place in the top mobile malware list. It replaces Android banking Trojan and info-stealer Lokibot, which has fallen to second place. Hiddad has made a return to the list as this month’s third most prevalent mobile malware October’s Top 3 ‘Most Wanted’ mobile malware:
Check Point researchers also analyzed the most exploited cyber vulnerabilities. Once again, CVE-2017-7269 remains in first place of the top exploited vulnerabilities list, with a global impact of 48% of organizations. In second place was OpenSSL TLS DTLS Heartbeat Information Disclosure with a global impact of 46%, followed by Web servers PHPMyAdmin Misconfiguration Code Injection impacting 42% of organizations. October’s Top 3 ‘Most Exploited’ vulnerabilities:
Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.
|