If you purchase via links on our site, we may receive affiliate commissions.

Emotet continues its reign as the most widely used malware

Chief Editor

Updated on: 10 August 2022

Emotet Trojan Malware — Image by Shutterstock

Emotet seems to be on vacation with a 50% reduction in its global impact this July. However, it still affects 7% of organizations worldwide.

Emotet's peak has possibly ended, but its threat hasn't gone anywhere. Check Point Research (CPR) says it constantly discovers new features and improvements in Emotet's capabilities, such as its latest credit card stealer module developed and adjustments done in its spreading systems.

Emotet, an advanced, self-propagating, and modular Trojan continues to dominate CPR's monthly top malware charts with a global impact of 7%. Emotet is used as a distributor to other malware and avoids detection.

"This botnet continually evolves to maintain its persistence and evasion. Its latest developments include a credit card stealer module, meaning that enterprises and individuals must take extra care when making any online purchases. In addition, with Microsoft now confirming that it will block macros by default, we await to see how malwares, such as Snake Keylogger, may change their tactics," said Maya Horowitz, VP Research at Check Point Software.

Emotet is followed by Formbook, which impacts 3% of organizations worldwide, and XMRig, an open-source CPU mining software used to mine Monero cryptocurrency, with a 2% global impact.

Formbook, an Infostealer targeting the Windows OS, harvests credentials from various web browsers, collects screenshots, monitors and logs keystrokes, and can download and execute files according to orders from its command-and-control server.

CPR said that "Web Server Exposed Git Repository Information Disclosure," "Apache Log4j Remote Code Execution," and "Web Servers Malicious URL Directory Traversal" were the most commonly exploited vulnerabilities in July.

Emotet continues its reign as the most widely used malware

More from Cybernews: