Check Point Greece: widespread malware in August

Check Point Research, its research department Check Point Software Technologies Ltd., published the latest Threat List for Greece in August of 2019.

Below is Checkpoint's full list of 10 most common malware threats in Greece for August:

agent Tesla - AgentTesla is a sophisticated RAT that functions as a keylogger and password-stealing software infecting computers from 2014. AgentTesla is able to monitor and collect victim's keyboard and system clipboard entries, take screenshots and remove credentials from software installed on the victim's machine (including Google Chrome, Mozilla Firefox, and email client Microsoft Outlook). AgentTesla is sold as a legal RAT with interested parties paying 15 - 69 dollars for a user license.

Lokibot - Lokibot is a spyware software that spreads primarily through phishing email and is used to intercept data such as e-mail credentials, as well as passwords to electronic cryptographic wallets and FTP servers.

Jsecoin - JavaScript mining software that can be embedded in websites. With JSEcoin, you can run the mining software directly on your browser in exchange for an ad-free browsing experience, game currencies and other incentives.

XMRig - XMRig is an open-source mining CPU software used for the Monero Cryptography process and was first released in May in 2017.

Hawkeye - Hawkeye is a malicious Info Stealer, designed primarily to extract user data from infected Windows-based platforms. Over the past few months, Hawkeye has improved to include keylogging capabilities, in addition to email and web browser theft. It is often marketed as MaaS (Malware as a Service) through various infection chain techniques.

NanoCore - NanoCore is a remote access trojan that was first noticed by 2013 and targets users of the Windows operating system. All versions include features such as screen capture, crypto mining, remote control and more.

Nanobot - Nanobot is a botnet with hosts controlled by NanoCore RAT, a remote access Trojan that targets users of the Windows operating system. All versions of RAT include basic features such as screen capture, cryptocurrency mining, remote desktop operation and webcam theft. NanoCore is being sold on the dark web for about $ 25 dollars, en; v several versions of RAT have been leaked over time.

Trickbot - Trickbot is a variation of Dyre that appeared in October of 2016. Since then, it has been primarily targeted at banking users in Australia and the United Kingdom, and has recently started appearing in India, Singapore and Malaysia.

Cryptoloot - Cryptocurrency software that uses the power of the central processing unit (CPU) or graphics processor (GPU) and the victim's existing resources to generate cryptocurrencies - adding transactions to the blockchain and generating new currencies. It competes with Coinhive.

Ramnit - Ramnit is a worm that infects and spreads mainly through removable drives and files loaded into public FTP services. Malicious software creates a copy of itself to infect removable and permanent drivers. Malware also works as a backdoor.