Check Point Research, the research division of Check Point Software Technologies Ltd., has released its latest Global Threat List for May 2019.
The map also shows the most widespread malware threats identified in Greece in May 2019.
AgentTesla - AgentTesla is a sophisticated RAT that acts as a keylogger and password stealer and has been infecting computers since 2014. AgentTesla can monitor and collect the victim's keyboard input and the system clipboard, take screenshots, and exfiltrate credentials from software installed on the victim's machine (including Google Chrome, Mozilla Firefox and the Microsoft Outlook email client). AgentTesla is sold as a legitimate RAT, with interested parties paying $15 – $69 for a single user license.
JSEcoin - JavaScript mining software that can be embedded in websites. With JSEcoin, the miner runs directly in the browser in exchange for an ad-free browsing experience, in-game currency, and other incentives.
Lokibot - Lokibot is spyware that spreads primarily through phishing emails and is used to steal data such as email credentials, as well as passwords to cryptocurrency wallets and FTP servers.
Trickbot - Trickbot is a variant of Dyre that appeared in October 2016. Since then, it has primarily targeted banking users in Australia and the United Kingdom, and has recently started appearing in India, Singapore and Malaysia.
Cryptoloot - Cryptomining software that uses the power of the victim's central processing unit (CPU) or graphics processor (GPU) and existing resources to mine cryptocurrency, adding transactions to the blockchain and generating new currency. It competes with Coinhive.
Ramnit - Ramnit is a worm that infects and spreads mainly through removable drives and files uploaded to public FTP services. The malware creates a copy of itself to infect removable and fixed drives. It also works as a backdoor.
Emotet - Sophisticated, self-propagating modular Trojan. Emotet once operated as a banking Trojan that stole bank account data and has recently been used to distribute other malicious software or malware propagation campaigns. It uses many evasion methods and techniques to persist on the system and avoid detection. Additionally, it can spread through phishing spam emails that contain attachments or links to malicious content.
XMRig - XMRig is open-source CPU mining software used to mine the Monero cryptocurrency and was first released in May 2017.
Nivdort - Nivdort is a family of Trojans targeting the Windows platform. It collects passwords and system information or settings such as Windows version, IP address, software configuration, and approximate location. Some versions of this malware also log keystrokes.
AZORult - AZORult is a Trojan that collects and exfiltrates data from the infected system. Once the malware is installed on a system (usually delivered by an exploit kit such as RIG), it can send stored passwords, local files, cryptocurrencies, and computer profile information to a remote command & control server.
10 most widespread malware threats in Greece for May 2019

| Malware family | Global impact | Impact in Greece |
|---|---|---|
| AgentTesla | 1.25% | 12.38% |
| JSEcoin | 3.62% | 11.15% |
| Lokibot | 2.11% | 8.98% |
| Trickbot | 1.88% | 8.67% |
| Cryptoloot | 4.13% | 8.05% |
| Ramnit | 2.72% | 7.12% |
| Emotet | 2.99% | 4.95% |
| XMRig | 4.00% | 4.95% |
| Nivdort | 1.80% | 4.64% |
| AZORult | 0.69% | 4.64% |

Check Point's Global Threat Impact Index and ThreatCloud Map are powered by Check Point's ThreatCloud intelligence, the largest collaborative network for fighting cybercrime, which provides data on threats and attack trends from a global network of threat sensors.
The ThreatCloud database includes more than 250 million addresses analyzed for bot detection, more than 11 million malware signatures and more than 5.5 million infected sites, and it identifies millions of malware types every day.