Check Point released January 2018’s Top 10 ‘Most Wanted’ Malware
Since January, cryptocurrency mining malware remains the most popular. Among them, Coinhive, the one that most reminds us of the first, is still at the top of the list since last month, affecting 23% of the global business.
In addition, according to the report, Fireball’s ranking soared from fifth in last month’s list to second in the month and affected nearly one-fifth of businesses worldwide. Correspondingly, Rig ek, the second-most-favored exploit tool last month, dropped to third place this month, though it still affects 17% of organizations worldwide.
It is noteworthy that security analysts at Check Point have also uncovered three variants of the cryptocurrency mining malware and are among the top ten on the list.
Top 10 Most Popular Malware
- ↔Coinhive – Crypto-Miner designed to perform online mining of Monero cryptocurrency when a user visits a web page without the user’s approval.
- ↑ Fireball – Browser-hijacker that can be turned into a full-functioning malware downloader.
- ↔ Rig ek – Rig delivers Exploits for Flash, Java, Silverlight and Internet Explorer
- ↔ Roughted – Large scale Malvertising used to deliver various malicious websites and payloads such as scams, adware, exploit kits and ransomware.
- ↔ Globeimposter – Ransomware disguised as a variant of the Globe ransomware. Upon encryption, the ransomware appends the .crypt extension to each encrypted file.
- ↑ Andromeda – Modular bot used mainly as a backdoor to deliver additional malware on infected hosts.
- ↓ Cryptoloot – Crypto-Miner that uses the victim’s CPU or GPU power and existing resources for crypto mining – adding transactions to the blockchain and releasing new currency.
- ↓ Ramnit – Banking Trojan that steals banking credentials, FTP passwords, session cookies and personal data.
- ↑ Nivdort – Multipurpose bot used to collect passwords, modify system settings and download additional malware.
The three most popular mobile malware
- Lokibot – Android banking Trojan and info-stealer, which can also turn into a ransomware that locks the phone.
- Triada – Modular Backdoor for Android which grants superuser privileges to downloaded malware.
- Hiddad – Android malware which repackages legitimate apps then releases them to a third-party store.