{"id":36649,"date":"2022-06-10T07:16:00","date_gmt":"2022-06-10T07:16:00","guid":{"rendered":"https:\/\/cloudnewshub.com\/archives\/36649"},"modified":"2022-06-10T07:16:00","modified_gmt":"2022-06-10T07:16:00","slug":"snake-keylogger-climbing-malware-charts-says-check-point","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=36649","title":{"rendered":"Snake Keylogger climbing malware charts, says Check Point"},"content":{"rendered":"<div><img decoding=\"async\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2022\/06\/snake-keylogger-climbing-malware-charts-says-check-point.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Emotet\u2019s commanding position at the top of the <a href=\"https:\/\/www.computerweekly.com\/news\/252518053\/Emotet-has-commanding-lead-on-Check-Point-monthly-threat-chart\">malware threat charts<\/a> seems as unassailable now as Bryan Adams\u2019 record-breaking run at the top of the UK singles charts seemed <a href=\"https:\/\/www.youtube.com\/watch?v=D1yNe9641so\">in the long, hot summer of 1991<\/a>, but according to <a href=\"https:\/\/blog.checkpoint.com\/2022\/06\/09\/may-2022s-most-wanted-malware-snake-keylogger-returns-to-the-index-in-eighth-place-following-email-campaigns-delivering-the-malware-via-pdf-files\/\">Check Point\u2019s latest monthly countdown<\/a>, there is plenty of activity back in the pack, with the return of Snake Keylogger particularly noteworthy.<\/p>\n<p>Check Point\u2019s Global Threat Index, covering May 2022, revealed that Snake Keylogger returned to the top 10 in eighth place last month, following a number of novel email campaigns that saw it delivered via a malicious PDF file.<\/p>\n<p>Historically, Snake more usually arrived in the form of a .docx or .xlsx attachment, and Check Point\u2019s analysts theorised that the switch to .pdf format may be a result of <a 
href=\"https:\/\/www.computerweekly.com\/news\/252513124\/Microsoft-to-start-blocking-macros-to-thwart-malware\">Microsoft\u2019s move to block internet macros by default in Office<\/a>.<\/p>\n<p>Check Point said spreading malware via PDF files may also be more effective as people tend to perceive such files to be inherently safer for some reason \u2013 potentially the lack of association with Microsoft.<\/p>\n<p>\u201cAs evident with the recent Snake Keylogger campaigns, everything you do online puts you at risk of a cyber attack, and opening a PDF document is no exception,\u201d said Maya Horowitz, research vice-president at Check Point Software.<\/p>\n<p>\u201cViruses and malicious executable code can lurk in multimedia content and links, with the malware attack, in this case Snake Keylogger, ready to strike once a user opens the PDF. Therefore, just as you would question the legitimacy of a .docx or .xlsx email attachment, you must practice the same caution with PDFs too.<\/p>\n<p>\u201cIn today\u2019s landscape, it has never been more important for organisations to have a robust email security solution that quarantines and inspects attachments, preventing any malicious files from entering the network in the first place,\u201d said Horowitz.<\/p>\n<p>Meanwhile, Check Point found Emotet impacted 8% of organisations worldwide in May, a slight increase on April, while the FormBook infostealer and the Agent Tesla remote access trojan (RAT) held steady in the number two and three slots respectively.<\/p>\n<p>The remainder of the top 10 comprises Lokibot, an infostealer; XMRig, a 
cryptominer; Glupteba, a backdoor-turned-botnet; Ramnit, a banking trojan; Snake Keylogger; Phorpiex, a botnet; and Remcos, another RAT, in that order.<\/p>\n<p>However, in the UK specifically, while Emotet was still the top threat, Snake Keylogger came in second, and there were also appearances from the Qbot banking trojan and Conti ransomware.<\/p>\n<p>The most exploited vulnerability observed by Check Point last month was a series of malicious URL directory traversal vulnerabilities on various web servers, which arise from an input validation error in a web server that doesn\u2019t properly sanitise the URL for directory traversal patterns \u2013 some of the CVE numbers on this list date back over 10 years.<\/p>\n<p>This was followed by Log4j, <a href=\"https:\/\/www.computerweekly.com\/opinion\/Log4Shell-How-friendly-hackers-rose-to-the-challenge\">aka Log4Shell<\/a>, which remains a threat, and an information disclosure vulnerability in Git Repository in third position.<\/p>\n<p>More information on the most exploited vulnerabilities, mobile threats and most targeted industries <a href=\"https:\/\/blog.checkpoint.com\/2022\/06\/09\/may-2022s-most-wanted-malware-snake-keylogger-returns-to-the-index-in-eighth-place-following-email-campaigns-delivering-the-malware-via-pdf-files\/\">is available from Check Point<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Emotet\u2019s commanding position at the top of the malware threat charts seems as unassailable now as Bryan Adams\u2019 record-breaking run at the top of the UK singles charts seemed in the long, hot summer of 1991, but according to Check Point\u2019s latest monthly countdown, there is plenty of activity back in the pack, with the 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":36650,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-36649","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/36649","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=36649"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/36649\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/36650"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=36649"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=36649"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=36649"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}