Check Point The most widespread malware in August

Check Point Research, the research department of Check Point Software Technologies Ltd., has published its latest World Threat List for August 2019. The research team is warning organizations about Echobot, a new variant of the Mirai IoT botnet, which has launched widespread attacks against a range of IoT devices.

Echobot, which first appeared in May 2019, has exploited more than 50 different vulnerabilities and is the reason for a sharp rise in the "Command Injection Over HTTP" vulnerability, which has affected 34% of organizations worldwide.

During August, two months after its shutdown, re-activation of the Emotet botnet was also observed. Emotet was the largest botnet operator in the first half of 2019. Although there have not yet been significant attacks that exploit this specific malware, it may soon be used in spam campaigns.

"The sharp increase in incidents is a highlight, as Echobot was first introduced in mid-May as a new variant of the infamous Mirai IoT Botnet, and now targets more than 50 different vulnerabilities. Echobot has affected 34% of companies worldwide, proving that network updates, software and IoT devices are vital for organizations," said Maya Horowitz, Director of Check Point Information and Threat Research.

Check Point's 3 most prevalent malware threats in August 2019:

* The arrows indicate the change in rank relative to the previous month.

XMRig continues to top the list, followed by Jsecoin. The two malware families affected 7% of organizations worldwide, while Dorkbot came in third, affecting 6% of organizations worldwide.

  1. XMRig - XMRig is open-source CPU mining software used to mine the Monero cryptocurrency. It was first launched in May 2017.
  2. Jsecoin - JavaScript mining software that can be embedded in websites. With Jsecoin, you can run the mining software directly in your browser in exchange for an ad-free browsing experience, game currencies and other incentives.
  3. Dorkbot - IRC-based worm designed to allow remote code execution by its operator, as well as the installation of additional malware on the infected system, with the main purpose of intercepting sensitive information and performing denial-of-service attacks.

The 3 most prevalent mobile malware threats in August 2019:

During August, Lotoor was the most widespread malware on mobile, followed by AndroidBauts and Triada.

  1. Lotoor - A hacking tool that exploits vulnerabilities in the Android operating system to gain full root access to compromised mobile devices.
  2. AndroidBauts - Adware targeting Android users. The software exfiltrates IMEI, IMSI, GPS location and other device information and allows third-party applications to be installed on the device.
  3. Triada - Modular backdoor for Android that grants superuser rights to malware that has been downloaded, helping it integrate into system processes. Triada has also been observed spoofing URLs loaded into the browser.

The 3 most frequently exploited vulnerabilities in August 2019

In August, SQL Injection techniques continued to top the list, followed by the OpenSSL TLS DTLS Heartbeat Information Disclosure vulnerability. Exploitation of these techniques and of the aforementioned vulnerability affected 39% of organizations worldwide. In third place was the MVPower DVR Remote Code Execution vulnerability, with an impact on 38% of organizations worldwide.

  1. SQL Injection (various techniques) - Inserting a SQL query into the data a client supplies to an application, thereby exploiting a vulnerability in that application's code.
  2. OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346) - An information disclosure vulnerability that exists in OpenSSL. The vulnerability is due to an error in handling TLS/DTLS heartbeat packets. An attacker could exploit this vulnerability to reveal the memory contents of a connected client or server.
  3. MVPower DVR Remote Code Execution - MVPower DVRs contain a remote code execution vulnerability. A remote attacker can exploit this flaw and execute arbitrary code on the affected router via a crafted request.

* The complete list of the 10 most common malware threats worldwide can be found here.

Check Point's Threat Prevention Resources are available on the site:

