"Emotet Tops List of July's Most Widely Used Malware"

Security researchers at Check Point Research discovered that Emotet was the most widely used malware in the wild in July, followed by Formbook and XMRig.  The researchers reported that in 2022 Emotet had a global impact of 14%.  July saw a 50% reduction in Emotet's global impact, down to 7%, but the malware remains in the top spot despite this.  The researchers stated that this botnet continually evolves to maintain its persistence and evasion.  Its latest developments include a credit card stealer module, meaning enterprises and individuals must take extra care when making online purchases.  The second most used malware in July was Formbook, an infostealer targeting the Windows OS.  The researchers noted that from a technical standpoint, FormBook harvests credentials from various web browsers, collects screenshots, monitors and logs keystrokes, and can download and execute files according to orders from its command-and-control (C&C) server.  The third most used malware in July was XMRig, an open-source CPU mining software used to mine Monero cryptocurrency.  The researchers stated that threat actors often exploit this open-source software by integrating it into their malware to conduct illegal mining on victims' devices.  XMRig replaced Snake Keylogger as the third most wanted malware.  Snake Keylogger The credential stealer fell from third to eighth place in July.  In June, the researchers observed Snake Keylogger spreading via malicious Word documents, so the decrease in its deployment could be connected to Microsoft's recent confirmation that it will block macros by default.  The researchers also found that "Web Server Exposed Git Repository Information Disclosure" was the most commonly exploited vulnerability in July, impacting 42% of organizations worldwide.

Infosecurity reports: "Emotet Tops List of July's Most Widely Used Malware"