Emotet has returned as one of the most prevalent malware in the wild after a quiet summer. Additionally, the Trojan Qbot made the list for the first time since 2021, and the Raspberry Robin worm has had a notable influx in use.
These are some of the key findings from Check Point Research (CPR)’s November 2022's Most Wanted Malware report published yesterday, which also highlighted that AgentTesla remained the most prevalent malware last month.
In particular, CPR said AgentTesla impacted 6% of organizations worldwide, followed by Emotet and Qbot, both with 4%.
In terms of the most attacked industries, education/research remained the most impacted industry globally in November, followed by government/military and healthcare.
The top exploited vulnerabilities last month were those leveraging a directory traversal flaw on different web servers. The vulnerability stems from an input validation error in a web server that does not correctly sanitize the URL for directory traversal patterns. It could allow unauthenticated, remote attackers to disclose or access arbitrary files on the server.
This vulnerability impacted 46% of organizations globally, followed by “web server exposed git repository information disclosure,” with an impact of 45%.
As for mobile threats, Anubis remained the most prevalent malware in November, followed by Hydra and AlienBot.
“While this sophisticated malware can lie dormant during quieter periods, the last few weeks act as a stark reminder that they will not remain quiet for long,” explained Maya Horowitz, VP of research at Check Point Software.
“We cannot afford to become complacent, so it’s important that everyone remains vigilant when opening emails, clicking on links, visiting websites or sharing personal information.”
More information about the most widespread cyber-threats in November is available in CPR’s latest report. Its publication comes amidst previsions that 2023 could be another turbulent time for cybersecurity.