Check Point May 2019 Top 10 malware in Greece

Check Point Research, the Check Point Software Technologies Ltd. research division, published the latest World Threat Index for 2019 in May.

The map also contains the widespread threats of malware identified in Greece in May of 2019.

agent Tesla - AgentTesla is a sophisticated RAT that acts as a keylogger and password stealing software infecting computers since 2014. AgentTesla has the ability to monitor and collect the victim's keyboard entries and system clipboard, take screenshots and remove credentials from software installed on the victim's machine (including Google Chrome, Mozilla Firefox and the Microsoft Outlook email client). AgentTesla is sold as a legitimate RAT with interested parties paying $15 – $69 for a single user license.

JSEcoin - JavaScript production software that can be integrated into websites. With JSEcoin, you can run the production software directly in the browser in exchange for a non-ad browsing experience, game coins, and other incentives.

Lokibot - Lokibot is spyware that is mainly spread through phishing emails and usesused to intercept data such as email credentials, as well as passwords to cryptocurrency wallets and FTP servers.

Trickbot - Trickbot is a variation of Dyre that appeared in October of 2016. Since then, it has been primarily targeted at banking users in Australia and the United Kingdom, and has recently started appearing in India, Singapore and Malaysia.

Cryptoloot - Cryptocurrency software that uses the power of the central processing unit (CPU) or graphics processor (GPU) and the victim's existing resources to generate cryptocurrencies - adding transactions to the blockchain and generating new currencies. It competes with Coinhive.

Ramnit - Ramnit is a worm that infects and spreads mainly through removable drives and files loaded into public FTP services. Malicious software creates a copy of itself to infect removable and permanent drivers. Malware also works as a backdoor.

Emotet - Sophisticated modular trojan that replicates itself. Emotet once operated as a Trojan horse bank account data and was recently used to distribute other malicious software or malware propagation campaigns. It uses many avoidance methods and techniques to stay in the system and avoid detection. Additionally, it can spread through unwanted phishing emails that contain attachments or links to malicious content.

XMRig - XMRig is a CPU mining software open source code that is used for the production process of the Monero cryptocurrency and was first seen in circulation in May 2017.

Nivdort - Nivdort is a Trojan software family targeted at the Windows platform. It collects passwords and system information or settings such as Windows version, IP address, software configuration, and approximate location. Some versions of this malicious software collect keystrokes.

AZORult – AZORult is a trojan that collects and removes data from the infected system. Once the malware is installed on a system (usually delivered by an exploit kit like RIG), it can send stored passwords, locally archives, crypto-wallets and computer profile information on remote command & control server.

The World Threat Impact Catalog and the CheckPoint ThreatCloud chart are based on Check Point's ThreatCloud intelligence, the largest cybercrime cooperation network that provides data on threats and trends in attacks, utilizing a global network threat detectors.

The database ThreatCloud includes more than 250 million addresses analyzed to detect bot, more than 11 million signatures of malware and more than 5,5 millions of infected sites, while recognizing millions of types of malware every day.

_________________________

• Check Point The most common malware for May
• Pale Moon Archive Server with Malware Dropper from 2017
• Windows 10 20H1 build 18932 new ISO from Microsoft
• Microsoft: telemetry to Windows security update files