The Latest Check Point News
Product and Solution Information, Press Releases, Announcements
January 2020’s Most Wanted Malware: Coronavirus-themed Spam Spreads Emotet Malware | |
Posted: Thu Feb 13, 2020 08:38:46 AM | |
Check Point’s researchers also report an increase in exploits the ‘MVPower DVR Remote Code Execution’ vulnerability, impacting 45% of organizations globally SAN CARLOS, CA — Thu, 13 Feb 2020 Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for January 2020. The research team reported that Emotet was the leading malware threat for the fourth month running, and was being spread during the month using a Coronavirus-themed spam campaign. The emails appear to be reporting where Coronavirus is spreading, or offering more information about the virus, encouraging the victim to open the attachments or click the links which, if opened, attempt to download Emotet on their computer. Emotet is primarily used as a distributor of ransomware or other malicious campaigns. January also saw an increase in attempts to exploit the ‘MVPower DVR Remote Code Execution’ vulnerability, impacting 45% of organizations globally. This rose from being the third most exploited vulnerability in December to the top position this month. If successfully exploited, a remote attacker can exploit this weakness to execute arbitrary code on the targeted machine. “As with last month, the ‘most wanted’ malicious threats impacting organizations continue to be versatile malware such as Emotet, XMRig and Trickbot, which collectively hit over 30% of organizations worldwide,” said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point. “Businesses need to ensure their employees are educated about how to identify the types of topical spam emails that are typically used to propagate these threats, and deploy security that actively prevents these threats from infecting their networks and leading to ransomware attacks or data exfiltration.” January 2020’s Top 3 ‘Most Wanted’ Malware: *The arrows relate to the change in rank compared to the previous month. Emotet is holding the 1st place impacting 13% of organizations globally, followed by XMRig and Trickbot impacting 10% and 7% of organizations worldwide respectively.
January’s Top 3 ‘Most Wanted’ Mobile Malware: xHelper retains its 1st place in the most prevalent mobile malware, followed by Guerilla and AndroidBauts.
January’s ‘Most Exploited’ vulnerabilities: The “MVPower DVR Remote Code Execution” was the most common exploited vulnerability, impacting 45% of organizations globally, followed by “Web Server Exposed Git Repository Information Disclosure” with an impact of 44% and the “PHP DIESCAN information disclosure” vulnerability impacting 42%.
Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily. The complete list of the top 10 malware families in December can be found on the Check Point Blog |