Emotet malware continues to climb the rankings of Check Point’s Most Wanted Malware list for March, thanks to a new campaign that relies on spam emails containing malicious OneNote files.
This threat is now number two on the list, moving up one spot from the February report. The campaign lured victims into opening a malicious OneNote file that installed the malware.
Once installed, Emotet can collect login credentials and contact information to increase the reach of its campaigns and facilitate future attacks. According to Check Point’s report, this new technique is a response to Microsoft’s announcement that it would block macros in Office files.
Maya Horowitz, vice president of research at Check Point Software, said:
“The most important things people can do are to ensure proper email security, avoid downloading unexpected files, and develop a healthy dose of skepticism about the origin and content of emails.”
As for the rest of the malware in Check Point’s most recent Most Wanted report, the Qbot banking Trojan holds the top spot. At the same time, the Formbook infostealer was overtaken by Emotet for third place.
In the mobile environment, the AhMyth RAT was March’s most wanted malware, replacing the Anubis banking Trojan, which is now in second place. Hiddad is down one place from February to number three.
The most exploited vulnerability in March was the Apache Log4j Remote Code Execution vulnerability (CVE-2021-44228). The second is a set of Remote Code Execution (RCE) flaws in various HTTP headers (CVE-2020-10826, CVE-2020-10827, CVE-2020-10828, CVE-2020-13756), and the third is an RCE in MVPower DVR devices.
The list also includes the most attacked industries globally.