SV joins the top 10 global threats

Remote Access Trojan (RAT), called FlawedAmmyy, recently joined the Global Threat Index after researchers at Check Point discovered a lot of attack campaigns using SV, culminating in in October 2018.

Checkpoint said FlawedAmmyy, this attack allows the culprit to control the victim's computer remotely, take full control of the camera, microphone of the device, collect screenshots, steal login information, data sensitive data and monitor user activity.

This is the first time that RAT has joined the Global 10 Top Index, even though it only ranked last. Meanwhile, malware-hunting malware dominates the top positions. Coinhive dominates this chart when it accounts for about 18% of global influence (ie about one-fifth of organizations worldwide are affected by this malware). Cryptloot affects 8% of organizations that have been attacked by malware in the past few months.

The map shows the impact of regional malware

Check Point also said that 'Although the virtual money digging tool is still a major danger, many of the malware families on this list target user data such as login information, sensitive data, account information. banking, payment . shows that this information is still not very attractive to cyber criminals'.

Two virtual money-digging malware are followed by Dorkbot, an IRC computer worm with remote code execution, and Roughted, an advertising malware used to spread many forms of payloads. Andromeda backdoor allows its owner to create very powerful botnet and Jsecoin JavaScript-based digging tool occupies 5th and 6th position.

The end of this ranking is Monero's pre-mining CPU called XMRig, the bank Trojan used to categorize personal information, the famous Ramnit and computer worms Conficker with control and Remote malware release.

The 10th place is RAT FlawedAmmyy, the first face to appear, a remote version of the Trojan for remote desktop configuration software Ammyy Admin.

Here is a list of 10 global threat Threat Index

1. Coinhive
2. Cryptoloot
3. Dorkbot
4. Roughted
5. Andromeda
6. Jsecoin
7. XMRig
8. Coinficker
9. FlawedAmmyy SV

Top 3 malware on mobile

1. Triada
2. Lokibot
3. Hiddad

Top 3 most exploited vulnerabilities

1. Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269)
2. OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346
3. PHPMyAdmin Misconfiguration Code Injection web servers

See more:

1. LokiBot - bank trojan on Android turns into ransomware when you try to delete it
2. Hacker hijack CoinHive DNS to dig virtual money with thousands of websites
3. Malware digs virtual money over antivirus programs, forcing Windows to crash