Check Point May 2019 Top 10 malware in Greece

Check Point Research, the Check Point Software Technologies Ltd. research division, published the latest World Threat Index for 2019 in May.

Ο χάρτης contains the widespread threats of malware identified in Greece in May of 2019.

agent Tesla - AgentTesla is a sophisticated RAT that acts as a keylogger and password stealing software infecting computers since 2014. AgentTesla has the ability to monitor and collect the victim's keyboard entries and system clipboard, take screenshots and remove credentials from software installed on the victim's machine (including Google Chrome, Mozilla Firefox, and the Microsoft Outlook email client). AgentTesla is sold as a legitimate RAT with interested parties paying $15 – $69 for a single user license.

JSEcoin - JavaScript production software that can be integrated into websites. With JSEcoin, you can run the production software directly in the browser in exchange for a non-ad browsing experience, game coins, and other incentives.

Lokibot - Lokibot is spyware that is primarily distributed via phishing emails and is used to data interception such as email credentials, as well as passwords to cryptocurrency wallets and FTP servers.

Trickbot - Trickbot is a variant of Dyre that appeared in October 2016. Since then, it has mainly targeted banking users στην Αυστραλία και το Ηνωμένο Βασίλειο ενώ πρόσφατα άρχισε να εμφανίζεται και στην Ινδία, τη Σιγκαπούρη και τη Μαλεσία.

Cryptoloot - Cryptocurrency software that uses the power of the central processing unit (CPU) or graphics processor (GPU) and the victim's existing resources to generate cryptocurrencies - adding transactions to the blockchain and generating new currencies. It competes with Coinhive.

Ramnit – Ramnit is a worm that infects and spreads primarily through removable drives and files uploaded to public services FTP. The malware creates a copy of itself to infect removable and permanent drivers. The malware also acts as a backdoor.

Emotet - Sophisticated modular trojan that replicates itself. Emotet once operated as a Trojan horse bank account data and was recently used to distribute other malicious software or malware propagation campaigns. It uses many avoidance methods and techniques to stay in the system and avoid detection. Additionally, it can spread through unwanted phishing emails that contain attachments or links to malicious content.

XMRig - XMRig is an open-source mining CPU software used for the Monero Cryptography process and was first released in May in 2017.

Nivdort - Nivdort is a Trojan software family targeted at the Windows platform. It collects passwords and system information or settings such as Windows version, IP address, software configuration, and approximate location. Some versions of this malicious software collect keystrokes.

AZORult - AZORult is a trojan that collects and removes data from the infected system. Once malware is installed on a system (usually delivered by an operating kit such as RIG), it can send stored passwords, local files, cryptocurrencies, and computer profile information to a remote command & control server.

The World Threat Impact Catalog and the CheckPoint ThreatCloud chart are based on Check Point's ThreatCloud intelligence, the largest cybercrime cooperation network that provides data on threats and trends in attacks, utilizing a global network threat detectors.

The database ThreatCloud includes more than 250 million addresses analyzed to detect bot, more than 11 million signatures of malware and more than 5,5 millions of infected sites, while recognizing millions of types of malware every day.

_________________________

• Check Point The most common malware for May
• Pale Moon Archive Server with Malware Dropper from 2017
• Windows 10 20H1 build 18932 new ISO from Microsoft
• Microsoft: telemetry to Windows security update files