Emotet, Formbook and Trickbot have remained the top three malwares affecting Australians in the month of February, according to new research.
Check Point Research, the threat intelligence arm of Check Point Software, has published its latest Global Threat Index for February 2022.
In February, the top three malwares Emotet, Formbook and Trickbot have remained in the same position, the report found. CPR is currently seeing a number of malwares, including Emotet, take advantage of public interest on the Russia-Ukraine conflict by creating email campaigns on the topic that lure people into downloading malicious attachments.
COR says that Emotet has indeed spreading this with emails that contain malicious files and the subject Recall: Ukraine -Russia Military conflict: Welfare of our Ukrainian Crew member.
Top 10 Malware impacting Australia for February:
Emotet, 2.69% (percentage of Australian cyber incident cases impacted by this specific malware)
Emotet is an advanced, self-propagating and modular Trojan that was once used as a banking Trojan, and currently distributes other malware or malicious campaigns. Emotet uses multiple methods for maintaining persistence and evasion techniques to avoid detection and can be spread via phishing spam emails containing malicious attachments or links.
Formbook, 2.13% (percentage of Australian cyber incident cases impacted by this specific malware)
FormBook is an Infostealer targeting the Windows OS and was first detected in 2016. It is marketed as Malware as a Service (MaaS) in underground hacking forums for its strong evasion techniques and relatively low price. FormBook harvests credentials from various web browsers, collects screenshots, monitors and logs keystrokes, and can download and execute files according to orders from its C&C.
Trickbot, 1.12% (percentage of Australian cyber incident cases impacted by this specific malware)
Trickbot is a modular banking Trojan, attributed to the WizardSpider cybercrime gang. Mostly delivered via spam campaigns or other malware families such as Emotet and BazarLoader. Trickbot sends information about the infected system and can also download and execute arbitrary modules from a large…