For the first time since December 2022, the Remcos Trojan returned to Check Point Software’s Top 10 Most Wanted Malware list (#8).
Threat actors used Remcos extensively in February to target Ukrainian government agencies through phishing attacks, according to the company’s latest report released today.
The research document also reveals that overall weekly attacks targeting Ukraine decreased by 44% from October 2022 to February 2023.
Check Point Software’s Vice President of Research, Maya Horowitz, said of the report’s findings:
“Since the beginning of the Russian-Ukrainian war, hacktivism has typically been high on threat actors’ agendas, with most favoring destructive attack methods such as DDoS for the most attention.”
Horowitz added that recent attacks targeting Ukraine used traditional attack vectors such as phishing scams to obtain information and extract data.
“It is important that all organizations and government agencies follow safe security practices when receiving and opening emails. Do not download attachments without first scanning the property. Please do not click on any links and check the sender’s address for any additional characters, misspellings, or other abnormalities.”
Qbot remained at the top of the list, followed by the Formbook infostealer and the infamous Emotet Trojan. Both moved up the rankings compared to Check Point’s January report.
The banking Trojan Anubis also maintained its position as the top mobile malware, followed by Hiddad (a malware tool designed to add ads and repackage apps) and AhMyth RAT.
The most exploited vulnerability in the wild in February was a web server malicious URL directory traversal that replaced a web server flaw that exposed GitHub repository information in October 2022. .
