Check Point Research, the threat intelligence arm of Check Point Software Technologies, is warning organisations to check for and patch any systems vulnerable to the ‘Bluekeep’ Microsoft RDP flaw in Windows 7 and Windows Server 2009 machines.
The ‘Bluekeep’ flaw affects nearly 1 million machines accessible to the public internet with many more within an organisation’s network. Check Point Research is prompting organisations to check for and patch any systems to prevent the risk of being exploited for ransomware and cryptomining attacks.
Check Point has identified the top 10 malware affecting Australians in May, listed below:
- ↑ JSEcoin, 4.21% (percentage of Australian cyber incident cases impacted by this specific malware)
  A JavaScript miner that can be embedded in websites. With JSEcoin, you can run the miner directly in your browser in exchange for an ad-free experience, in-game currency and other incentives.
- ↓ Cryptoloot, 3.57% (percentage of Australian cyber incident cases impacted by this specific malware)
  Cryptominer malware, using the victim’s CPU or GPU power and existing resources for crypto mining activities. It is a competitor of Coinhive.
- ↔ Magecart, 3.40% (percentage of Australian cyber incident cases impacted by this specific malware)
  Malicious JavaScript code injected into e-commerce websites in order to steal credit card payment details. A compromised website containing the malicious code may leak the customer’s payment details to the attacker.
- ↔ XMRig, 2.92% (percentage of Australian cyber incident cases impacted by this specific malware)
  An open-source CPU mining software used for the mining process of the Monero cryptocurrency, and first seen in the wild in May 2017.
- ↑ Ramnit, 2.19% (percentage of Australian cyber incident cases impacted by this specific malware)
  A type of banking trojan that steals banking credentials, FTP passwords, session cookies and personal data. It also has the option for expandable functionality using external downloadable modules and can be used to spread additional threats.
- ↔ Dorkbot, 1.86% (percentage of Australian cyber incident cases impacted by this specific malware)
  IRC-based worm designed to allow remote code execution by its operator, and to download additional malware to the infected system. The primary goal is to steal sensitive information and launch Denial-of-Service attacks.
- ↓ Emotet, 1.62% (percentage of Australian cyber incident cases impacted by this specific malware)
  An advanced, self-propagating and modular trojan that used to operate as a banking Trojan. Emotet uses multiple methods and evasion techniques for maintaining persistence and avoiding detection.
- ↑ Lokibot, 1.46% (percentage of Australian cyber incident cases impacted by this specific malware)
  An infostealer distributed mainly by phishing emails and used to steal various data such as email credentials, as well as passwords to CryptoCoin wallets and FTP servers.
- ↔ Trickbot, 1.30% (percentage of Australian cyber incident cases impacted by this specific malware)
  A Dyre variant which first emerged in October 2016. Since then, it has targeted banking users mostly in Australia and the UK, and recently expanded its focus to India, Singapore and Malaysia.
- ↑ Nivdort, 1.22% (percentage of Australian cyber incident cases impacted by this specific malware)
  A trojan family which targets the Windows platform. It gathers passwords and system information or settings such as the IP address, software configuration and approximate location. Some versions of this malware collect keystrokes and modify DNS settings.
Check Point Technologies was established in 1993 by CEO Gil Shwed and is a leading global provider of cyber security solutions developing new technology innovations to protect millions of consumers and corporations from hackers, spyware and identity theft.