SAN CARLOS, Calif., Sept. 14, 2022 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for August 2022. CPR reports that FormBook is now the most prevalent malware, taking over from Emotet, which has held that position since its reappearance in January.
FormBook is an Infostealer targeting Windows OS which, once deployed, can harvest credentials, collect screenshots, monitor and log keystrokes as well as download and execute files according to its command and control (C&C) orders. Since it was first spotted in 2016, it has continued to make a name for itself, marketed as a Malware as a Service (MaaS) in underground hacking forums, known for its strong evasion techniques and relatively low price.
August also saw a rapid increase in GuLoader activity, which resulted in it being the fourth most widespread malware. GuLoader was initially used to download Parallax RAT but has since been applied to other remote access trojans and infostealers such as Netwire, FormBook and Agent Tesla. It is commonly distributed through extensive email phishing campaigns that lure the victim into downloading and opening a malicious file, allowing the malware to get to work.
Additionally, Check Point Research reports that Joker, an Android spyware, is back in business and has claimed third place in the top mobile malware list this month. Once Joker is installed, it can steal SMS messages, contact lists and device information as well as sign the victim up for paid premium services without their consent. Its rise can partially be explained by an uplift in campaigns as it was recently spotted to be active in some Google Play Store applications.
“The shifts that we see in this month’s index, from Emotet dropping from first to fifth place to Joker becoming the third most prevalent mobile malware, are reflective of how fast the threat landscape can change,” said Maya Horowitz, VP Research at Check Point Software. “This should be a reminder to individuals and companies alike, of the importance of keeping up to date with the most recent threats as knowing how to protect yourself is essential. Threat actors are constantly evolving and the emergence of FormBook shows that we can never be complacent about security and must adopt a holistic, prevent-first approach across networks, endpoints and the cloud.”
CPR also revealed this month that the Education/Research sector is still the most targeted industry by cybercriminals globally, with Government/Military and Healthcare taking second and third place as the most attacked sectors. “Apache Log4j Remote Code Execution” returns to first place as the most exploited vulnerability, impacting 44% of organizations worldwide, after overtaking “Web Server Exposed Git Repository Information Disclosure” which had an impact of 42%.
Top malware families
*The arrows relate to the change in rank compared to the previous month.
FormBook is the most widespread malware this month impacting 5% of organizations worldwide, followed by AgentTesla with an impact of 4% and XMRig with 2%.
Top Attacked Industries Globally
This month the Education/Research sector remained in first place as the most attacked industry globally, followed by Government/Military and Healthcare.
Top Exploited Vulnerabilities
This month, “Apache Log4j Remote Code Execution” is the most common exploited vulnerability, impacting 44% of organizations globally, followed by “Web Server Exposed Git Repository Information Disclosure” which dropped from first place to second with an impact of 42%. “Web Servers Malicious URL Directory Traversal” remains in the third place, with a global impact of 39%.
Top Mobile Malwares
This month AlienBot is the most prevalent Mobile malware, followed by Anubis and Joker.
Check Point’s Global Threat Impact Index and its ThreatCloud Map are powered by Check Point’s ThreatCloud intelligence. ThreatCloud provides real-time threat intelligence derived from hundreds of millions of sensors worldwide, over networks, endpoints and mobiles. The intelligence is enriched with AI-based engines and exclusive research data from Check Point Research, The Intelligence & Research Arm of Check Point Software Technologies.
The complete list of the top ten malware families in July can be found on the Check Point blog.
Follow Check Point Research via:
Blog: https://research.checkpoint.com/
Twitter: https://twitter.com/_cpresearch_
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to corporate enterprises and governments globally. Check Point Infinity’s portfolio of solutions protects enterprises and public organizations from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other threats. Infinity comprises three core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacenters, all controlled by the industry’s most comprehensive, intuitive unified security management. Check Point protects over 100,000 organizations of all sizes.
MEDIA CONTACT: | INVESTOR CONTACT: |
Emilie Beneitez Lefebvre | Kip E. Meintzer |
Check Point Software Technologies | Check Point Software Technologies |
press@us.checkpoint.com | ir@us.checkpoint.com |