The latest Global Threat Index from Check Point shows that at the end of last year cryptominers still took the top three places in the malware charts, despite an overall drop in value across all cryptocurrencies in 2018.
Coinhive retained its number one position for the 13th month in a row, impacting 12 percent of organizations worldwide. XMRig was the second most prevalent malware with a global reach of eight percent, closely followed by the JSEcoin miner in third with a global impact of seven percent.
The report also shows banking Trojans rising up the index, with Ramnit, a banking Trojan that steals login credentials and other sensitive data, returning to the top 10 this month in eighth place.
“December’s report saw SmokeLoader appearing in the top 10 for the first time,” Maya Horowitz, threat intelligence and research group manager at Check Point says. “Its sudden surge in prevalence reinforces the growing trend towards damaging, multi-purpose malware in the Global Threat Index, with the top 10 divided equally between cryptominers and malware that uses multiple methods to distribute numerous threats. The diversity of the malware in the Index means that it is critical that enterprises employ a multi-layered cybersecurity strategy that protects against both established malware families and brand new threats.”
In the mobile space Triada, the modular backdoor for Android, has retained first place in the malware list. Guerilla has climbed to second place, replacing Hiddad. Meanwhile, Lotoor has replaced Android banking Trojan and info-stealer Lokibot in third place.
Check Point researchers also analyzed the most exploited cyber vulnerabilities. Holding on to first place here is CVE-2017-7269, whose global impact also rose slightly to 49 percent, compared to 47 percent in November. In second place is OpenSSL TLS DTLS Heartbeat Information Disclosure, with a global impact of 42 percent, closely followed by PHPMyAdmin Misconfiguration Code Injection with an impact of 41 percent.
You can read more about the findings on the Check Point blog.
Image credit: FabreGov / Shutterstock