Emotet Takes Summer Vacation, But Not 'Out-of-Office' - 2023

According to research conducted by Check Point, Emotet is still the most widespread kind of malware, despite a considerable reduction in the global impact it has had in recent years. It also includes new features and upgrades to its capabilities.

Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions worldwide, has published its most recent Global Threat Index for the month of July 2022. This announcement was made on August 10, 2022 via the GLOBE NEWSWIRE. According to CPR’s findings, the virus known as Emotet maintains its position as the most prevalent strain despite experiencing a fifty percent decrease in its global impact in comparison to the previous month.

Emotet has returned

to its normal global impact statistics and continues to be the most pervasive virus. This comes after Emotet’s global influence reached a peak the previous month. It is possible that the peak has passed as a result of summer vacations, as has been observed in the past. Despite this, new capabilities and enhancements to Emotet’s existing ones are continually being uncovered. For example, the most recent credit card stealer module that Emotet has produced and the adjustments that have been made to its spreading mechanisms.

In addition, the credential stealer known as Snake Keylogger dropped from third to eighth place for the month of July. In June, the Snake Keylogger was being distributed through malicious Word documents; hence, the recent statement by Microsoft that it will disable macros by default may be partially responsible for the drop in its prevalence. It has been replaced in third place by XMRig, which is open-source software for central processing units that is used to mine bitcoin. This demonstrates that cybercriminals are primarily “in it for the money,” regardless of whatever higher objectives that they may claim, such as hacktivism. Malibot, which was not included in the research for the previous month but is now the third most frequent kind of mobile malware worldwide, continues to pose a risk to customers of mobile banking services.

Maya Horowitz, Vice President of Research at Check Point Software, stated that Emotet continues to be at the top of their monthly top malware statistics. “In order to sustain its evasion and persistence, this botnet undergoes constant evolution. Its most recent innovations include a credit card stealer module, which means that businesses and consumers alike need to exercise additional caution whenever they make any kind of purchase online. In addition, given that Microsoft has confirmed that it would ban macros by default, we are curious to see how malware programs like as Snake Keylogger will adapt their strategies in response to this news.

This month, CPR also discovered that “Web Server Exposed Git Repository Information Disclosure” is the most widely exploited vulnerability, affecting 42% of firms worldwide. “Apache Log4j Remote Code Execution” came in a close second, affecting 41% of organizations. The vulnerability known as “Web Servers Malicious URL Directory Traversal” has maintained its position as the third most significant vulnerability worldwide, affecting 39% of all websites.