- January 18, 2023
- No Comment
- 5 minutes read
There's a new top dog when it comes to dangerous malware – TechRadar
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
Emotet is no longer the number-one malware
Qbot has become the most prevalent banking trojan around, taking the top spot from Emotet, new figures have claimed.
According to fresh figures from the Check Point Global Threat Index for December 2022, Qbot (also known as Qakbot) impacted 7% of organizations worldwide, retaking the number one spot from Emotet (4%).
Based on proprietary data, Check Point’s report says that besides Qbot and Emotet, XMRig rounded off the top three most prevalent malicious programs around, for the last month of the year.
XMRig, impacting 3% of businesses worldwide is a cryptominer, a program that “mines” the XMR cryptocurrency for the attackers. It’s a popular application, which the threat actors aim mostly to install on servers and other high-end machines.
When it comes to mobile devices, a completely different set of malware prevailed. Anubis was the most prevalent variant, followed by Hiddad and AlienBot.
But to install these malware, hackers need to have some way to access the target endpoints, which is mostly done through known vulnerabilities.
“Web Server Exposed Git Repository Information Disclosure” was the most commonly exploited vulnerability, Check Point said, impacting almost half (46%) of organizations globally. “Web Server Malicious URL Directory Traversal” was second-placed with 44% of businesses around the world being impacted. The top three were rounded off with “Command INjection Over HTTP” – 43%.
Education and Research remained the most attacked industry, before Government and Military, and Healthcare.
> Qbot malware found smuggled inside Windows Installer packages
> This huge typosquatting campaign is being used to run tech support scams
> Check out the best endpoint protection right now (opens in new tab)
“The overwhelming theme from our latest research is how malware (opens in new tab) often masquerades as legitimate software to give hackers backdoor access to devices without raising suspicion. said Maya Horowitz, VP Research at Check Point Software. “That is why it is important to do your due diligence when downloading any software and applications or clicking on links, regardless of how genuine they look.”
Last year, hackers were busy building fake landing pages, tricking people into either downloading malware, or giving away sensitive data. In just one instance, in late October last year, cybersecurity researchers from Malwarebytes discovered a major campaign that leveraged more than 200 landing pages used to gain access to people’s bank accounts.
Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site (opens in new tab).
© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.