Emotet remains the most prevalent malware worldwide
Emotet is still the most prevalent malware worldwide, according to Check Point Research’s July 2022 Global Threat Index, despite a 50% reduction in its global impact compared to June.
After peaking in June, Emotet’s global impact has fallen back, and it continues as the most widespread malware.
A peak dropping back down in July is quite a common occurrence with malware such as Emotet, due to summer breaks. Nevertheless, new features and improvements in Emotet’s capabilities are still discoverable.
Recently, a credit card stealer module has been developed, and adjustments have been made in its spreading systems.
Credential stealer ‘Snake Keylogger’ has also fallen from third to eighth place. In June, Snake Keylogger was being spread via malicious Word documents.
Check Point Research believes the decrease could be due to Microsoft’s recent confirmation that it will block macros by default.
XMRig, open-source CPU software used to mine cryptocurrency, has taken third place among the current most malicious malware, indicating that cybercriminals are certainly ‘in it for the money’ despite any higher motivations they may claim, such as a political agenda or ‘hacktivism’.
Malibot remains a threat to users of mobile banking, as it is still the third most prevalent mobile malware worldwide.
“Emotet continues to dominate our monthly top malware charts,” said Maya Horowitz, VP Research at Check Point Software. “Its latest developments include a credit card stealer module, meaning that enterprises and individuals must take extra care when making any online purchases.”
Check Point Research also revealed that “Web Server Exposed Git Repository Information Disclosure” is the most commonly exploited vulnerability, impacting 42% of organisations worldwide. It is an information disclosure vulnerability that could allow an unintentional disclosure of account information.
The second most common vulnerability is “Apache Log4j Remote Code Execution”, a remote code execution vulnerability with an impact of 41%.
“Web Servers Malicious URL Directory Traversal” is in third place. It allows hackers to access arbitrary files on vulnerable servers and had a global impact of 39% in July.