SAN FRANCISCO, CALIFORNIA — Cryptomining malware that dominated the top 10 most wanted malware in May has dug into nearly 40 percent of organizations globally, an increase of nearly 50 percent, a California-based cyber-security firm said Thursday.
In its latest Global Threat Index for May 2018, Check Point Software Technologies Ltd., a global leading cyber-security firm, said the Coinhive cryptominer remained the “most wanted” and the most prevalent malware in May, which impacted 22 percent of organizations globally, up from 16 percent in April.
Cryptoloot, another crypto-mining malware, ranked second with a global reach of 11 percent, as May 2018 is the fifth consecutive month where cryptomining malware dominated Check Point’s Top Ten Most Wanted Malware Index.
In the third place was the Roughted malvertising malware, which affected 8 percent of organizations across the world.
Check Point found that cyber-criminals are continuing to target unpatched server vulnerabilities in Microsoft Windows Server 2003, with 44 percent of the world’s organizations on the radar of hackers, while Oracle Web Logic became the most vulnerable system in business networks, with 40 percent being impacted.
“Cyber-criminals are more likely to probe known vulnerabilities in the hope that organizations have not acted to remediate them, as they are to develop new attack vectors,” said Maya Horowitz, Threat Intelligence Group Manager at Check Point.
The company cited Lokibot, an Android banking Trojan and info-stealer, as the biggest threat to mobile users in May, which can also turn into a ransomware that locks their phones.
The other top two malware last month were Triada, a Modular Backdoor for Android which grants superuser privileges to downloaded malware, and Lotoor, which is a hack tool that exploits vulnerabilities on Android operating system in order to gain root privileges on compromised mobile devices.