Trickbot, a trojan designed to steal banking information, is the most prevalent malware affecting 4 percent organisations across the world, a new study has revealed.

Malwares XMRig and Remcos are two other commonly-used vulnerabilities, cybersecurity solutions provider Check Point Software Technologies said in the report, ‘Global Threat Index for October 2021.’

“Globally, one out of every 61 organisations is impacted by ransomware every week. That’s a shocking figure and companies need to do more. Many attacks start with a simple email, so educating users on how to identify a potential threat is one of the most important defences an organisation can deploy,” said Maya Horowitz, Vice-President of Research at Check Point Software.

Also read: Deepfakes, cryptocurrencies and mobile wallets: Cybercriminals find new targets

The report also said the education or research sector was the most attacked industry globally, followed by communications and government/military industries.

Latest entrant

The latest entrant in the top 10 list of exploited vulnerabilities for October is Apache HTTP Server Directory Traversal. On discovery of the malware, developers of Apache had released a patch to fix the path traversal bug in Apache HTTP Server 2.4.50. However, the patch was insufficient in protecting against the vulnerability. This high-impact vulnerability can be exploited by attackers to gain access to arbitrary files on the affected system, Check Point Research, the threat intelligence arm of Check Point Software Technologies, said.

“The Apache vulnerability only came to light early in October and is already one of the top 10 most exploited vulnerabilities worldwide, showing how fast attackers move,” Horowitz said.

More about malwares

The trojan ,Trickbot, first identified in 2016, was initially used by sophisticated cybercrime actors to steal financial data. It has evolved into highly modular, multi-stage malware and can now be used to steal account credentials, financial details, personally information and drop ransomware. Trickbot has featured as the most prevalent malware five times earlier, Check Point Research said.

Also read: US to crack down on crypto ransomware attackers, issue guidelines: Report

XMRig is a legitimate open-source software used for mining of the Monero cryptocurrency, released in 2017. The application exploits vulnerable Windows, Linux and IIS servers to mine Monero.

Remcos, first released in 2016, opens a backdoor on the computer once it is installed, giving full access to a remote user. It can be distributed through malicious Microsoft Office documents in spam mails.

Also read: Explained: Why ransomware is so dangerous and hard to stop

(Edited by : Shoma Bhattacharjee)

First Published:Nov 11, 2021 7:55 PM IST