The 10 most dangerous malware today - Teknogue 24


The further, the better: We review the 10 most dangerous types of malware that exist today

Every few days, we find ourselves having to report new attacks aimed at Android users, which use malware to steal sensitive information or money, or to take control of the devices of the millions of users who use the Google operating system.

There are many different types of malware, although not all carry the same severity for users. Cybersecurity experts at Check Point have decided to review the ten most serious threats that can be found today on Android, and the reasons that make them the most dangerous.

We review the most dangerous types of malware that exist on Android.

These are the most dangerous threats available on Android today

According to specialists, after the end of FluBot several weeks ago, MaliBot has managed to gain prominence. This new malware bases its attacks on phishing via SMS (a practice known as smishing), tricking users into following a link and downloading a rogue application.

Despite the rise in popularity of this malware, Emotet remains the most dangerous and frequent threat, with a global impact of 14%, followed by Formbook and Snake Keylogger.

  1. Emotet – Emotet is an advanced, self-propagating and modular Trojan. Emotet was once used as a banking Trojan, but has recently been used as a distributor of other malware or malicious campaigns. It uses multiple methods to maintain persistence and evasion techniques to avoid detection. Furthermore, it can be spread via emails containing malicious attachments or links.
  2. Formbook – Formbook is an infostealer first detected in 2016. It is marketed as Malware-as-a-Service (MaaS) on underground hacking forums due to its strong evasion techniques and relatively low price. Formbook obtains credentials from web browsers, collects screenshots, monitors and logs keystrokes, and can download and run files.
  3. Snake Keylogger – Snake is a modular keylogger and credential stealer that was first discovered in late November 2020. Its main function is to record user keystrokes and transmit the collected data to threat actors. Snake infections pose a huge threat to users’ privacy and online security, as the malware can steal virtually all kinds of sensitive information and is a particularly evasive and persistent keylogger.
  4. Agent Tesla – Agent Tesla is an advanced RAT that functions as a keylogger and data stealer. It is capable of monitoring and collecting the victim’s keyboard input, system keyboard, taking screenshots and exfiltrating credentials for a variety of software installed on the victim’s machine (including Google Chrome, Mozilla Firefox and the Microsoft Outlook email client).
  5. XMRig – XMRig is open source CPU mining software used to mine the Monero cryptocurrency. Threat actors often abuse this open source software by integrating it into their malware to mine illegally on victims’ devices.
  6. Remcos – Remcos is a RAT-type malware that first appeared in 2016. Remcos is distributed via malicious Microsoft Office documents, which are attached to spam emails, and is designed to bypass security and execute the malware with high-level privileges.
  7. Phorpiex – Phorpiex is a botnet (also known as Trik) that has been around since 2010. At its peak it controlled over a million infected hosts. It is known for distributing other malware families via spam campaigns, as well as fueling large-scale sextortion and spam campaigns.
  8. Ramnit – Ramnit is a modular banking Trojan first discovered in 2010. Ramnit steals web session information, giving its operators the ability to steal account credentials for all services used by the victim, including bank accounts, and corporate and social media accounts. The Trojan uses both encrypted domains and domains generated by a DGA (Domain Generation Algorithm) to contact the C&C server and download additional modules.
  9. Glupteba – Glupteba is a backdoor that matured into a botnet. In 2019 it included a C&C address update mechanism via public Bitcoin lists, a comprehensive browser hijacking capability, and a router exploiter.
  10. NJRat – NJRat is a remote access Trojan, used by both crimeware and state attackers. The Trojan first appeared in 2012 and has multiple capabilities: capturing keystrokes, accessing the victim’s camera, stealing credentials stored in browsers, uploading and downloading files, manipulating processes and files, and viewing the victim’s desktop. NJRat infects victims via phishing attacks and drive-by downloads, and spreads via infected USB keys or network drives, supported by Command & Control server software.

As you can see, not all of the malware in the list prepared by Check Point affects Android or is aimed mainly at attacking Google’s operating system, but some of it does have the most used mobile platform in the world as its target.

For that reason, it is highly recommended to take all necessary precautions and adopt the measures to keep an Android device 100% secure.

© 2022 Difoosion, SL All rights reserved.
