Check Point Research published the Global Threat Index as of February 2022, analyzing the most important cyber threats. The malware more widespread in the world remains Emotetalso thanks to the recent email campaigns regarding the conflict in Ukraine.
Emotet remains the most widespread malware in the world
Not all malware can last indefinitely. Check Point Research points out how the danger trickbot, after hitting the top spot in the ranking of the most popular malware in seven months out of twelve of 2021, it now falls to sixth. Perhaps also because some of its members have moved on to work for the group that create the Conti ransomware, one of the hacker groups that openly supports the Kremlin.
Instead Emotet remains firmly in first place with an iimpact on 5% of organizations in the world, again. An advanced Trojan, they first use to attack banking institutions. But now he is having a second life as a distributor of other malware and more. He spreads through email. Since the conflict in Ukraine began, one of the subjects he uses in emails is “Recall: Ukraine -Russia Military conflict: Welfare of our Ukrainian Crew member”. By playing on people’s goodwill to infect their computers.
In second place we find the infostealer Formbook, which collects browser credentials and follows your every step on your computer. Third Stupida backdoor that became a botnet, which also attacked cryptocurrency miners such as Bitcoin.
The most attacked sectors are that ofEducation / Researchfollowed by Government / Military e ISP/SMEs. While the most exploited vulnerability turns out to be Web Server Exposed Git Repository Information Disclosure.
Focus also on mobile malware: the most widespread in February 2022 is spyware XLoader on Android, followed by xHelper e AlienBot. The complete list of cyber threats can be found on the Check Point Research blog.
“We are currently seeing a number of malware, including Emotet, taking advantage of the public interest around the Russia-Ukraine conflict by creating specific email campaigns, luring people to download malicious attachments. It is important to always check that the sender’s e-mail address is authentic, pay attention to any spelling errors and do not open attachments or click on links unless you are sure that the e-mail is safe “he said. Maya HorowitzVP Research di Check Point Software.