09/12/2019 | Press release | Archived content
Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for August 2019. The Research team is warning organizations of a new variant of the Mirai IoT Botnet, Echobot, which has launched widespread attacks against a range of IoT devices. First seen in May 2019, Echobot has exploited over 50 different vulnerabilities, causing a sharp rise in the 'Command Injection Over HTTP' vulnerability which has impacted 34% of organizations globally.
August has also seen the Emotet botnet's offensive infrastructure becoming active again, after it shut down its services two months ago. Emotet was the biggest botnet operating in the first half of 2019. Although no major campaigns have been observed as yet, it is likely that it will be used to start spam campaigns soon.
'Echobot was first seen in mid-May, and as a new variant of the notorious Mirai IoT Botnet it's important to note the sharp increase in exploitations, as it is now targeting over 50 different vulnerabilities. Echobot has impacted 34% of companies around the world, which shows how vital it is for organizations to ensure all patches and updates for their networks, software and IoT devices are applied,' said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point.
August 2019's Top 3 'Most Wanted' Malware:
*The arrows relate to the change in rank compared to the previous month.
This month XMRig keeps leading the top malware list, followed by Jsecoin, both with a global impact of 7%. Dorkbot is in the third place, impacting 6% of organizations worldwide.
August's Top 3 'Most Wanted' Mobile Malware:
This month Lotoor is the most prevalence Mobile malware, followed by AndroidBauts and Triada.
August's 'Most Exploited' vulnerabilities:
This month, SQL Injection techniques retain first place in the top exploited vulnerabilities list, closely followed by the OpenSSL TLS DTLS Heartbeat Information Disclosure vulnerability, both impacting 39% of organizations globally. On third place MVPower DVR Remote Code Execution vulnerability with a global impact of 38% of organizations worldwide.
Check Point's Global Threat Impact Index and its ThreatCloud Map is powered by Check Point's ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.
The complete list of the top 10 malware families in August can be found on the Check Point Blog.
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.