Globe Imposter Named Second Most Prevalent Malware for August 2017

Por David Bisson
Em 20/09/2017 no site The State of Security

Globe Imposter earned the dubious title of second most prevalent malware for its impact on organizations worldwide in August 2017.

Researchers first discovered Globe Imposter, a crypto-malware family that masquerades as Globe ransomware, in May 2017. The digital threat’s proliferation remained steady for several months. But in August 2017, the ransomware revved up its distribution via malspam campaigns, exploit kits and malvertising, as well as launched a flurry of new variants.

Check Point’s Global Threat Index measured Globe Imposter’s impact for August 2017 at six percent of organizations worldwide.

That’s not the only significant malware trend documented by Check Point. It also found an overall increase in banking trojan activity. As the Check Point Research Team explains:

“The Zeus, Ramnit and Trickbot banking trojans all appeared in the top ten. The Trojans work by identifying when the victim is visiting a banking website, and then utilizes keylogging or webinjects to harvest basic login credentials or more sensitive information such as PIN numbers. Another popular method used by tojans is re-directing victims to fake banking websites, designed to mimic legitimate ones and steal credentials that way.”

Trend of banking trojans activity in recent months. (Source: Check Point)

Some familiar faces appeared on Check Point’s August 2017 Global Threat Index. Fireball, a browser-hijacker that affected one in five organizations back in May 2017, came in as August’s fourth most wanted malware. Meanwhile, the top spot went to RoughTed, a malvertising campaign which decreased in impact from 18 percent to 12 percent of organizations worldwide.

Check Point’s Global Threat Index demonstrates how the malware threat landscape is always changing. In response, it’s important that users and businesses take certain steps to prevent a malware infection. First, they should install an anti-virus solution on all workstations. Second, organizations should remind their employees to verify the domain of a website before entering in sensitive personal, financial, or corporate information. Third, enterprises should review their vulnerability management program in order to minimize the threat posed by exploit kits.

To learn how your organization can strengthen its vulnerability management processes, click here.