Qbot Most Prevalent Malware in First Half of 2023 and Mobile Trojan SpinOk Makes its Debut

By Editorial Desk

The Trojan Qbot has emerged as the most prevalent malware in the first half of 2023, with mobile Trojan SpinOk making its debut in June.

This comes as ransomware activities continue to rise following a major vulnerability in file-sharing software MOVEit.

Check Point Research, a leading cybersecurity solutions provider, has released its Global Threat Index for June 2023, highlighting the increasing threats faced by organizations worldwide.

Qbot, which first appeared in 2008, has evolved into a multipurpose Trojan aimed at stealing sensitive information such as passwords and credit card details.

It uses various techniques to avoid detection and analysis, making it a formidable threat. Moreover, Qbot acts as a loader for other malware, making it a prime tool for ransomware groups.

In a surprising turn of events, mobile Trojan SpinOk has taken the top spot in the mobile malware list for June. This Trojanized Software Development Kit (SDK) has infiltrated popular apps and games, posing a serious threat to user privacy and security.

Its ability to steal sensitive information and monitor clipboard activity leaves mobile devices increasingly vulnerable to attacks. The rise of SpinOk serves as a reminder of the destructive nature of software supply chain attacks.

Furthermore, the impact of ransomware has been magnified by the exploitation of vulnerabilities in widely used software.

In May, ransomware group Clop targeted organizations worldwide by taking advantage of a vulnerability in file-sharing software MOVEit. This highlights the importance of promptly patching and updating software to prevent such attacks.

The Global Threat Index also reveals the top attacked industries globally. Communications remains in first place as the most exploited industry, followed by Utilities and Transportation. These industries are prime targets for cybercriminals due to their critical infrastructure and sensitive data.

In terms of vulnerabilities, the “Web Servers Malicious URL Directory Traversal” vulnerability was the most exploited, impacting 51% of organizations globally. This vulnerability allows remote attackers to access arbitrary files on vulnerable servers.

The “Apache Log4j Remote Code Execution” vulnerability and the “HTTP Headers Remote Code Execution” vulnerability were also frequently exploited.

On the mobile malware front, SpinOk rose to first place in the most prevalent mobile malware, followed by Anubis and AhMyth. SpinOk operates as spyware, collecting information about files stored on devices and transferring them to malicious actors.

Anubis is a banking Trojan with additional functions such as remote access and ransomware capabilities. AhMyth is a remote access Trojan that can perform various actions on infected devices.

The Global Threat Index and ThreatCloud Map by Check Point are powered by real-time threat intelligence derived from millions of sensors worldwide.

This intelligence, enriched with AI-based engines and exclusive research data, helps organizations stay informed about the latest threats and take proactive measures to protect their systems and data.
