Check Point Research, the Check Point Software Technologies Ltd. research division, published the latest World Threat Index for 2019 in May.
The map also contains the widespread threats of malware identified in Greece in May of 2019.
agent Tesla - AgentTesla is a sophisticated RAT that functions as a keylogger and password-stealing software infecting computers from 2014. AgentTesla is able to monitor and collect victim's keyboard and system clipboard entries, take screenshots and remove credentials from software installed on the victim's machine (including Google Chrome, Mozilla Firefox, and email client Microsoft Outlook). AgentTesla is sold as a legal RAT with interested parties paying 15 - 69 dollars for a user license.
Lokibot - Lokibot is a spyware software that spreads primarily through phishing email and is used to intercept data such as e-mail credentials, as well as passwords to electronic cryptographic wallets and FTP servers.
Trickbot - Trickbot is a variation of Dyre that appeared in October of 2016. Since then, it has been primarily targeted at banking users in Australia and the United Kingdom, and has recently started appearing in India, Singapore and Malaysia.
Cryptoloot - Cryptocurrency software that uses the power of the central processing unit (CPU) or graphics processor (GPU) and the victim's existing resources to generate cryptocurrencies - adding transactions to the blockchain and generating new currencies. It competes with Coinhive.
Ramnit - Ramnit is a worm that infects and spreads mainly through removable drives and files loaded into public FTP services. Malicious software creates a copy of itself to infect removable and permanent drivers. Malware also works as a backdoor.
Emotet - Sophisticated modular trojan that replicates itself. Emotet once operated as a Trojan horse bank account data and was recently used to distribute other malicious software or malware propagation campaigns. It uses many avoidance methods and techniques to stay in the system and avoid detection. Additionally, it can spread through unwanted phishing emails that contain attachments or links to malicious content.
XMRig - XMRig is an open-source mining CPU software used for the Monero Cryptography process and was first released in May in 2017.
Nivdort - Nivdort is a Trojan software family targeted at the Windows platform. It collects passwords and system information or settings such as Windows version, IP address, software configuration, and approximate location. Some versions of this malicious software collect keystrokes.
AZORult - AZORult is a trojan that collects and removes data from the infected system. Once malware is installed on a system (usually delivered by an operating kit such as RIG), it can send stored passwords, local files, cryptocurrencies, and computer profile information to a remote command & control server.
10 most widespread malware threats in Greece for May 2019
Family of malware
The World Threat Impact Catalog and the CheckPoint ThreatCloud chart are based on Check Point's ThreatCloud intelligence, the largest cybercrime cooperation network that provides data on threats and trends in attacks, utilizing a global network threat detectors.
The database ThreatCloud includes more than 250 million addresses analyzed to detect bot, more than 11 million signatures of malware and more than 5,5 millions of infected sites, while recognizing millions of types of malware every day.