QBot, a sophisticated Trojan that steals banking credentials and keystrokes, emerged the most widespread malware in December impacting 20 percent of organisations in Nigeria.
The latest report by Global Threat Index noted that Qbot overtook Emotet to be the most prevalent malware after its return last month, impacting 7 percent of organizations worldwide.
Qbot also known as Qakbot is a banking Trojan that first appeared in 2008. It was designed to steal a user’s banking credentials and keystrokes. Often distributed via spam email, Qbot employs several anti-VM, anti-debugging, and anti-sandbox techniques to hinder analysis and evade detection.
Read also: Osinbajo urges Odu’a group to invest in technology
“The overwhelming theme from our latest research is how malware often masquerades as legitimate software to give hackers backdoor access to devices without raising suspicion. That is why it is important to do your due diligence when downloading any software and applications or clicking on links, regardless of how genuine they look,” authors of the report noted.
Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence. ThreatCloud provides real-time threat intelliSoftware gence derived from hundreds of millions of sensors worldwide, over networks, endpoints and mobiles. The intelligence is enriched with AI-based engines and exclusive research data from Check Point Research, the intelligence and research Arm of Check Point Software Technologies.
The research found that “Web Server Exposed Git Repository Information Disclosure” was the most common exploited vulnerability, impacting 46 percent of organizations globally, followed by “Web Servers Malicious URL Directory Traversal” with 44 percent of organizations impacted worldwide. “Command Injection Over HTTP” is the third most used vulnerability, with a global impact of 43 percent.
