- How the web’s foundational tech is evolving in the era of remote work
- ITDM 2025 전망 | “불경기 시대 속 콘텐츠 산업··· 기술이 돌파구를 마련하다” CJ ENM 조성철 엔터부문 CIO
- 50억 달러 피해에서 700명 해고까지··· 2024년 주요 IT 재난 8선
- Network problems delay flights at two oneworld Alliance airlines
- Leveraging Avaya Experience Platform to accelerate your digital banking transformation
Advanced RAT AgentTesla Most Prolific Malware in October
Info-stealing malware accounted for the three most widespread variants in October, comprising nearly a fifth (16%) of global detections, according to Check Point.
The security vendor’s Global Threat Index for October 2022 is compiled from hundreds of millions of its own threat intelligence sensors, installed across customer networks, endpoints and mobile devices.
It revealed that AgentTesla was the most widespread malware, impacting 7% of organizations. The advanced RAT malware works as a keylogger and information stealer capable of collecting the victim’s keystrokes, taking screenshots and exfiltrating credentials, according to the company.
In second and third place on the top 10 were SnakeKeylogger (5%), a modular .NET keylogger and credential stealer first detected in November 2020, and info-stealer Lokibot (4%). The latter is distributed mainly by phishing emails and is used to steal data including email credentials and passwords to cryptocurrency wallets and FTP servers, the report claimed.
All three moved up in the top 10 list from the previous month, while the likes of prolific Trojan Emotet and info-stealer Formbook slumped.
“We saw a lot of change in the rankings this month, with a new set of malware families making up the big three. It is interesting that Lokibot has climbed back to the third spot so quickly, which shows an increasing trend towards phishing attacks,” explained Maya Horowitz, VP research at Check Point Software.
“As we head into November, which is a busy buying period, it is important that people remain vigilant and keep an eye out for suspicious emails that could be carrying malicious code. Be aware of signs such as an unfamiliar sender, request for personal information and links. If in doubt, visit websites directly and find the appropriate contact information from verified sources, and make sure you have malware protection installed.”
According to the report, the education sector remained the most attacked globally, followed by government/military and healthcare.
