1Crypto-Mining Malware Tops Check Point List of Top Cyber-Threats
In its latest Global Threat Index, security firm Check Point highlighted the top 10 malware types affecting companies today. The list, which was compiled after Check Point’s evaluation of 11 million malware signatures, suggests crypto-mining malware remains the most prevalent threat to enterprises followed by malvertising, browser hijackers and botnets. Check Point also found that enterprises are still not doing enough to patch known vulnerabilities that are being exploited by hackers and cyber-criminal, making unwary companies vulnerable to crypto-mining attacks, ransomware, data breaches and other losses. This eWEEK slide show will discuss the top 10 threats in more detail.
2Coinhive Crypto-Mining Malware Tops the List
Coinhive is the most widely deployed targeting companies, according to Check Point’s evaluation. The malware takes control over machines processing power to mine the Monero crypto-currency. In order to do that, however, unsuspecting victims need to visit a malicious webpage to pick up the Coinhive malware infection
3Cryptoloot Targets Blockchain Ledgers
Next up is Cryptoloot. Like Coinhive, Cryptoloot is a Crypto-Miner, but doesn’t specifically target Monero when it takes control over computers. Cryptoloot uses a computer’s processing power to create false crypto-currency transactions that are posted to the blockchain ledger for Bitcoin and other crypto-currency types. It also tries to release new currency through the infected machines.
4Roughted Infects Websites With Malvertising
Roughted is a malvertising attack that creates a large number of malicious websites infested with adware, exploit kits, and ransomware among other malware, according to Check Point. The malicious files can target computers running any operating system and are capable of bypassing ad-blockers and other protective measures to deliver a malware payload.
6Andromeda Creates Network Backdoors for Cyber-Attacks
Andromeda is what Check Point calls a “modular bot.” The malware is typically used in the corporate world as a hidden backdoor that allows even more malicious software to be installed on an infected machine or network to steal data or plant ransomware. It can also be used to create a variety of botnets, according to Check Point.
7Fireball Hijacks Browsers to Spread Malware
Fireball is a browser hijacker that malicious hackers often use as a malware downloader, according to Check Point. It’s a scary malware that can execute malicious code from afar and has been known to steal victims’ user credentials and install additional malware once it’s infected a corporate machine.
8XMRig Rising Rapidly as Prevalent Crypto-Miner
9Dorkbot IRC Worm Infects Web Sites Through Message Forums
Dorkbot is an IRC (internet relay chat) worm that breaks into a victim’s computer and allows malicious hackers to remotely execute code. Dorkbot is also capable of downloading more malware onto a machine. So far, the malware has mainly been used to steal company data and launch denial-of-service attacks, according to Check Point.
10Nivdort Bot Designed to Steal Passwords
Nivdort is a bot that also goes by the name Bayrob. The malware frequently invest corporate computers to steal passwords and alter system settings. In some cases, Nivdort acts as a gateway that allows more malware to be downloaded to a computer. Nivdort typically relies upon spam to target companies.
11Necurs Botnet Spreads Ransomware
Necurs is a botnet that targets companies through spam emails to spread ransomware by duping email recipients into clicking on malicious links and files. Necurs is also used to spread banking Trojans, according to Check Point.