Phorpiex Botnet Named “Most Wanted Malware” in November 2020
The Phorpiex botnet earned the notorious designation of “most wanted malware” for the month of November 2020.
In its Global Threat Index for November 2020, Check Point Research revealed that it had observed a surge in new Phorpiex botnet infections that had affected four percent of organizations globally.
This threat activity enabled Phorpiex to return to Check Point Research’s monthly malware list for the first time since June 2020. It also succeeded in pushing the threat to the top of that roundup.
Discovered in 2010, Phorpiex has a history of distributing other malware families such as GandCrab ransomware along with sextortion scams.
The attacks detected by Check Point Research involved Avaddon ransomware as the botnet’s payload. Such activity could be the result of the crypto-malware gang’s growing affiliate program. As explained by the security firm:
Avaddon is a relatively new Ransomware-as-a-Service (RaaS) variant, and its operators have again been recruiting affiliates to distribute the ransomware for a cut of the profits. Avaddon has been distributed via JS and Excel files as part of malspam campaigns and is able to encrypt a wide range of file types.
Behind Phorpiex came Dridex and Hiddad. The former is a trojan that reportedly spreads through spam email attachments in order to steal information from infected Windows machines and execute arbitrary modules on them. The latter is an Android threat that conceals itself within repackaged mobile apps offered on third-party app marketplaces in order to display ads to its victims.
The Global Threat Index for November 2020 found that both Phorpiex and Dridex had affected three percent of organizations globally.
This news highlights the need for organizations to defend themselves against threats such as Phorpiex, Dridex and Hiddad.
They can do so by familiarizing themselves with some of the most common types of phishing attacks that are in circulation today and taking steps to prevent a ransomware infection. They can also invest in a solution that can help to identify suspicious files within a quarantined environment.