TOP 10 MALWARE MAY
2022 Slides 01
Malware is a constant threat and being aware of them is the first step to keeping them at bay. Here we have listed the top 10 malware to watch out for this upcoming month. Gh0st and Jupiter have made their entry as the top 10 malware and something every user should be aware of. Gh0st is a RAT employed to access infected endpoints. Another evasive malware, Jupiter is .NET malware used to target innocent users when they visit any website and download a file in the form of a PDF or zip. The malware activity for this month is predicted to rise by a considerable amount as compared to the previous month.
Slides 02
Here Are The Top 10 Malware That You Should Watch Out For In May 2022
Given below the Top 10 Malware ranked in order of virulence.
Shlayer Shlayer is a downloader and dropper malware targeting mainly MacOS. It is mainly propagated through malicious websites, compromised domains, and malvertising posing as Adobe Flash updater.
Slides 03
All Shlayer domains use the same keyword <api.random_name.com>. Below are numerous instances of domains Shlayer utilities.</api.random_name.com>
api[.]interfacecache[.]com api[.]scalableunit[.]com api[.]typicalconfig[.]com api[.]standartanalog[.]com api[.]fieldenumerator[.]com api[.]practicalsprint[.]com api[.]searchwebsvc[.]com api[.]connectedtask[.]com api[.]navigationbuffer[.]com api[.]windowtask[.]com
ZeuS ZeuS is a trojan that tracks the keys of a victim when they visit any banking website. By tracking the keystrokes, they get hold of the credentials of users and cause financial losses. Since its inception, various malwares are based on the ZeuS code and are used to perpetuate havoc.
Agent Tesla Agent Tesla is a RAT that gets hold of personal information and screenshots from an infected system.
Slides 06
NanoCore NanoCore is a RAT propagated through malspam. It spreads as an Excel XLS spreadsheet. Once it finds entry into the system, it installs and executes various files.
Slides 07
CoinMiner CoinMiner, as the name suggests is a crypto miner application based on Windows Management Instrumentation (WMI) and EternalBlue to infect any network. It also employs WMI Standard Event Consumer scripting to run numerous scripts.
Slides 07
Delf Delf is a group of malware with many versions devised in the Delphi programming language. They may be downloaders. Campaigns, targets, infection vectors, and capabilities, depending upon its version. They are sent to gain backdoor access, steal data, hinder antivirus, and various other functions.
Gh0st Gh0st is a RAT wielded to regulate infected endpoints. Gh0st is plunged by other malware to establish a backdoor into an appliance that authorizes an attacker to entirely monitor the infected device.
Slides 06
Jupyter Jupyter aka SolarMarker, is a highly infectious malware aimed to target harmless users to access any website or download any file. Jupyter majorly preys browser data in browsers such as Chrome, Chromium, and Firefox and has complete backdoor access. IPs: 37[.]120.233[.]92 89[.]44.9[.]108 92[.]204.160[.]101 92[.]204.160[.]114 146[.]70.101[.]97 146[.]70.53[.]153 146[.]70.40[.]236 193[.]29.104[.]89 Slides 08
Arechclient2 Arechclient2, also known as SectopRAT, is a .NET RAT aimed to conduct numerous functions. Their main role is to steal information including browser and wallet data. It is also instilled with anti-VM and anti-emulator functions.
Mirai Mirai is a malware botnet targeting Internet of Things (IoT) devices. This is done to conduct a DDoS attack and in the process gain complete control of the system.
Slides 06
Final Words So here are the top 10 malware you should watch out for in the month of May. Along with being informed about them, it is advisable to have a good quality antivirus and antimalware installed in your system. One such great antivirus is Sysvoot. Install it now and stay protected from any lurking dangers.
Slides 16