Get Cash Back and $0 Commissions
+ The Power of TradeStation
Globe Newswire 11-Dec-2018 9:43 AM
Check Point's latest Global Threat Index reveals the Emotet botnet rising up the top malware list in November as a result of multiple campaigns; Coinhive remains at top position for 12th consecutive month
SAN CARLOS, Calif., Dec. 11, 2018 (GLOBE NEWSWIRE) -- Check Point® Software Technologies Ltd. (NASDAQ:CHKP), a leading provider of cyber-security solutions globally, has published its latest Global Threat Index for November 2018. The index reveals that the Emotet botnet has entered the Index's top 10 ranking after researchers saw it spread through several campaigns, including a Thanksgiving-themed campaign.
This involved sending malspam emails in the guise of Thanksgiving cards, containing email subjects such as happy "Thanksgiving day wishes", "Thanksgiving wishes" and "the Thanksgiving day congratulation!" These emails contained malicious attachments, often with file names related to Thanksgiving, to spread the botnet and deploy other malware and malicious campaigns. As a result, eth Emotet botnet's global impact has increased 25% compared to October 2018.
Meanwhile, November was the first anniversary of the Coinhive cryptominer leading the Global Threat Index, which it has done since December 2017. During the past 12 months, Coinhive alone impacted 24% of organizations worldwide, while cryptomining malware had an overall global impact of 38%.
"This month, we have seen a significant increase in efforts to spread the Emotet botnet that have used seasonal messages to encourage clicks," said Maya Horowitz, Director, Threat Intelligence and Research at Check Point. "Individuals and businesses expect to receive seasonal messages. These have been leveraged to spread the Emotet botnet, as part of the malware's social engineering methods to lure potential victims into opening malicious emails. Given this capability, along with its persistence and use of evasion techniques to avoid detection, Emotet appears to have had a successful month."
While Coinhive remains popular, having remained the most prolific malware aimed at organizations for a year, there has been an increase in malware that can be used to deploy additional payloads to infected machines. These forms can maximise returns for attackers due to their multipurpose nature.
November 2018's Top 3 ‘Most Wanted':
*The arrows relate to the change in rank compared to the previous month.
Triada, the modular backdoor for Android has retained first place in the top mobile malware list. Hiddad has climbed to second place, replacing Android banking Trojan and info-stealer Lokibot, which has fallen to third place.
November's Top 3 ‘Most Wanted' mobile malware:
Check Point researchers also analyzed the most exploited cyber vulnerabilities. Once again, CVE-2017-7269 remains in first place of the top exploited vulnerabilities list, with a global impact of 48% of organizations. OpenSSL TLS DTLS Heartbeat Information Disclosure keeps its second place with a global impact of 44%. CVE-2016-6309, a vulnerability in the tls_get_message_body function of OpenSSL is in third place, impacting 42% of organizations.
November's Top 3 ‘Most Exploited' vulnerabilities:
Check Point's Global Threat Impact Index and its ThreatCloud Map is powered by Check Point's ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.
* The complete list of the top 10 malware families in November can be found on the Check Point Blog: http://blog.checkpoint.com/2018/12/11/november-2018s-most-wanted-malware-the-rise-of-the-thanksgiving-day-botnet/
Check Point's Threat Prevention Resources are available at: http://www.checkpoint.com/threat-prevention-resources/index.html
Follow Check Point via:
Twitter: http://www.twitter.com/checkpointsw
Facebook: https://www.facebook.com/checkpointsoftware
Blog: http://blog.checkpoint.com
YouTube: http://www.youtube.com/user/CPGlobal
LinkedIn: https://www.linkedin.com/company/check-point-software-technologies
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises' cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.
INVESTOR CONTACT: | MEDIA CONTACT: |
Kip E. Meintzer | Emilie Beneitez Lefebvre |
Check Point Software Technologies | Check Point Software Technologies |
+1.650.628.2040 | Tel: +44 (0) 7785 381 302 |
ir@checkpoint.com | press@checkpoint.com |